AWS Security ChangesHomeSearch

AWS directconnect documentation change

Service: directconnect · 2025-11-19 · Documentation low

File: directconnect/latest/UserGuide/infrastructure-security.md

Summary

Updated service name references from 'AWS Direct Connect' to 'Direct Connect' throughout the document. No technical security content changes - maintains same TLS requirements, access policies, and network isolation guidance.

Security assessment

Changes are purely branding/terminology updates. Security protocols (TLS 1.3, PFS cipher suites) and access control mechanisms remain unchanged. No evidence of addressing vulnerabilities or adding new security features.

Diff

diff --git a/directconnect/latest/UserGuide/infrastructure-security.md b/directconnect/latest/UserGuide/infrastructure-security.md
index b550caeb2..b320c4fb6 100644
--- a//directconnect/latest/UserGuide/infrastructure-security.md
+++ b//directconnect/latest/UserGuide/infrastructure-security.md
@@ -7 +7 @@ Border Gateway Protocol
-# Infrastructure security in AWS Direct Connect
+# Infrastructure security in Direct Connect
@@ -9 +9 @@ Border Gateway Protocol
-As a managed service, AWS Direct Connect is protected by the AWS global network security procedures. You use AWS published API calls to access AWS Direct Connect through the network. Clients must support Transport Layer Security (TLS) 1.2 or later. We recommend TLS 1.3. Clients must also support cipher suites with perfect forward secrecy (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support these modes.
+As a managed service, AWS Direct Connect is protected by the AWS global network security procedures. You use AWS published API calls to access Direct Connect through the network. Clients must support Transport Layer Security (TLS) 1.2 or later. We recommend TLS 1.3. Clients must also support cipher suites with perfect forward secrecy (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support these modes.
@@ -13 +13 @@ Additionally, requests must be signed by using an access key ID and a secret acc
-You can call these API operations from any network location, but AWS Direct Connect supports resource-based access policies, which can include restrictions based on the source IP address. You can also use AWS Direct Connect policies to control access from specific Amazon Virtual Private Cloud (Amazon VPC) endpoints or specific VPCs. Effectively, this isolates network access to a given AWS Direct Connect resource from only the specific VPC within the AWS network. For example, see [Identity-based policy examples for Direct Connect](./security_iam_id-based-policy-examples.html). 
+You can call these API operations from any network location, but Direct Connect supports resource-based access policies, which can include restrictions based on the source IP address. You can also use Direct Connect policies to control access from specific Amazon Virtual Private Cloud (Amazon VPC) endpoints or specific VPCs. Effectively, this isolates network access to a given Direct Connect resource from only the specific VPC within the AWS network. For example, see [Identity-based policy examples for Direct Connect](./security_iam_id-based-policy-examples.html).