AWS Security ChangesHomeSearch

AWS wellarchitected documentation change

Service: wellarchitected · 2025-11-07 · Documentation low

File: wellarchitected/latest/end-user-computing-lens/eucsec14-bp03.md

Summary

Updated service name from AppStream 2.0 to WorkSpaces Applications in data access controls section

Security assessment

Change updates product nomenclature but preserves existing security recommendations about restricting data channels. No evidence of addressing specific security vulnerabilities.

Diff

diff --git a/wellarchitected/latest/end-user-computing-lens/eucsec14-bp03.md b/wellarchitected/latest/end-user-computing-lens/eucsec14-bp03.md
index 7e8faec46..c8cf72ac7 100644
--- a//wellarchitected/latest/end-user-computing-lens/eucsec14-bp03.md
+++ b//wellarchitected/latest/end-user-computing-lens/eucsec14-bp03.md
@@ -23 +23 @@ End user systems can provide multiple channels for users to export and access da
-  * **Restrict data access to required functionality within Amazon AppStream 2.0** : To protect data on the endpoint used to connect to an Amazon AppStream 2.0 session and the AppStream 2.0 instance itself, implement controls to close potential inbound or outbound channels that are not required by the users connecting to the service. The service has controls to configure the clipboard, file transfer, printing to a local device, and file system redirection. You can configure each of these options on an AppStream 2.0 stack and disable them when not required. For details on configuring data access restrictions with Amazon AppStream 2.0, see [Create an Amazon AppStream 2.0 Fleet and Stack](https://docs.aws.amazon.com/appstream2/latest/developerguide/set-up-stacks-fleets.html#set-up-stacks-fleets-install). 
+  * **Restrict data access to required functionality within Amazon WorkSpaces Applications** : To protect data on the endpoint used to connect to an Amazon WorkSpaces Applications session and the WorkSpaces Applications instance itself, implement controls to close potential inbound or outbound channels that are not required by the users connecting to the service. The service has controls to configure the clipboard, file transfer, printing to a local device, and file system redirection. You can configure each of these options on an WorkSpaces Applications stack and disable them when not required. For details on configuring data access restrictions with Amazon AppStream 2.0, see [Create an Amazon WorkSpaces Applications Fleet and Stack](https://docs.aws.amazon.com/appstream2/latest/developerguide/set-up-stacks-fleets.html#set-up-stacks-fleets-install).