AWS AWSEC2 documentation change
Summary
Removed 'AWS' from 'AWS Directory Service' in Windows security best practices section
Security assessment
Minor terminology adjustment without security implications. The security guidance about avoiding Domain Administrators and using JEA remains unchanged.
Diff
diff --git a/AWSEC2/latest/UserGuide/infrastructure-security.md b/AWSEC2/latest/UserGuide/infrastructure-security.md index e6694db66..6efe98dad 100644 --- a//AWSEC2/latest/UserGuide/infrastructure-security.md +++ b//AWSEC2/latest/UserGuide/infrastructure-security.md @@ -54 +54 @@ Consider the following options for controlling network traffic to your EC2 insta - * [Windows instances] Use Active Directory or AWS Directory Service to tightly and centrally control and monitor interactive user and group access to Windows instances, and avoid local user permissions. Also avoid using Domain Administrators and instead create more granular, application-specific role-based accounts. Just Enough Administration (JEA) allows changes to Windows instances to be managed without interactive or administrator access. In addition, JEA enables organizations to lock down administrative access to the subset of Windows PowerShell commands required for instance administration. For additional information, see the section on "Managing OS-level Access to Amazon EC2" in the [AWS Security Best Practices](https://d1.awsstatic.com/whitepapers/Security/AWS_Security_Best_Practices.pdf) whitepaper. + * [Windows instances] Use Active Directory or Directory Service to tightly and centrally control and monitor interactive user and group access to Windows instances, and avoid local user permissions. Also avoid using Domain Administrators and instead create more granular, application-specific role-based accounts. Just Enough Administration (JEA) allows changes to Windows instances to be managed without interactive or administrator access. In addition, JEA enables organizations to lock down administrative access to the subset of Windows PowerShell commands required for instance administration. For additional information, see the section on "Managing OS-level Access to Amazon EC2" in the [AWS Security Best Practices](https://d1.awsstatic.com/whitepapers/Security/AWS_Security_Best_Practices.pdf) whitepaper.