AWS Security ChangesHomeSearch

AWS appstream2 documentation change

Service: appstream2 · 2025-11-07 · Documentation low

File: appstream2/latest/developerguide/app-persistence-s3-buckets.md

Summary

Updated service name references from 'AppStream 2.0' to 'WorkSpaces Applications'. Maintained existing security controls around S3 bucket encryption and access policies.

Security assessment

Changes only reflect service renaming. Security aspects like encryption (SSL/TLS for transit, AWS Managed CMKs for at-rest) and bucket protection policies remain unchanged. No new security features or vulnerability fixes introduced.

Diff

diff --git a/appstream2/latest/developerguide/app-persistence-s3-buckets.md b/appstream2/latest/developerguide/app-persistence-s3-buckets.md
index 856babc16..ae30078fd 100644
--- a//appstream2/latest/developerguide/app-persistence-s3-buckets.md
+++ b//appstream2/latest/developerguide/app-persistence-s3-buckets.md
@@ -3 +3 @@
-[Documentation](/index.html)[Amazon AppStream 2.0](/appstream2/index.html)[Administration Guide](what-is-appstream.html)
+[Documentation](/index.html)[Amazon WorkSpaces Applications](/appstream2/index.html)[Administration Guide](what-is-appstream.html)
@@ -7 +7 @@
-When you enable application settings persistence, your users’ application customizations and Windows settings are automatically saved to a Virtual Hard Disk (VHD) file that is stored in an Amazon S3 bucket created in your AWS account. For every AWS Region, AppStream 2.0 creates a bucket in your account that is unique to your account and the Region. All application settings configured by your users are stored in the bucket for that Region.
+When you enable application settings persistence, your users’ application customizations and Windows settings are automatically saved to a Virtual Hard Disk (VHD) file that is stored in an Amazon S3 bucket created in your AWS account. For every AWS Region, WorkSpaces Applications creates a bucket in your account that is unique to your account and the Region. All application settings configured by your users are stored in the bucket for that Region.
@@ -9 +9 @@ When you enable application settings persistence, your users’ application cust
-You do not need to perform any configuration tasks to manage these S3 buckets; they are fully managed by the AppStream 2.0 service. The VHD file that is stored in each bucket is encrypted in transit using Amazon S3's SSL endpoints and at rest using [AWS Managed CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk). The buckets are named in a specific format as follows:
+You do not need to perform any configuration tasks to manage these S3 buckets; they are fully managed by the WorkSpaces Applications service. The VHD file that is stored in each bucket is encrypted in transit using Amazon S3's SSL endpoints and at rest using [AWS Managed CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk). The buckets are named in a specific format as follows:
@@ -24 +24 @@ Your AWS account ID. The random identifier ensures there is no conflict with oth
-For example, if you enable application settings persistence for stacks in the US West (Oregon) Region (us-west-2) on account number 123456789012, AppStream 2.0 creates an Amazon S3 bucket within your account in that Region with the name shown. Only an administrator with sufficient permissions can delete this bucket.
+For example, if you enable application settings persistence for stacks in the US West (Oregon) Region (us-west-2) on account number 123456789012, WorkSpaces Applications creates an Amazon S3 bucket within your account in that Region with the name shown. Only an administrator with sufficient permissions can delete this bucket.
@@ -29 +29 @@ For example, if you enable application settings persistence for stacks in the US
-Disabling application settings persistence does not delete any VHDs stored in the S3 bucket. To permanently delete settings VHDs, you or another administrator with adequate permissions must do so by using the Amazon S3 console or API. AppStream 2.0 adds a bucket policy that prevents accidental deletion of the bucket. For more information, see _IAM Policies and the Amazon S3 Bucket for Application Settings Persistence_ in [Identity and Access Management for Amazon AppStream 2.0](./controlling-access.html).
+Disabling application settings persistence does not delete any VHDs stored in the S3 bucket. To permanently delete settings VHDs, you or another administrator with adequate permissions must do so by using the Amazon S3 console or API. WorkSpaces Applications adds a bucket policy that prevents accidental deletion of the bucket. For more information, see _IAM Policies and the Amazon S3 Bucket for Application Settings Persistence_ in [Identity and Access Management for Amazon WorkSpaces Applications](./controlling-access.html).
@@ -56 +56 @@ The settings group value. This value is applied to one or more stacks that share
-The identity method of the user: `custom` for the AppStream 2.0 API or CLI, `federated` for SAML, and `userpool` for user pool users.
+The identity method of the user: `custom` for the WorkSpaces Applications API or CLI, `federated` for SAML, and `userpool` for user pool users.