AWS directoryservice documentation change
Summary
Updated references from 'AWS Directory Service' to 'Directory Service' in log forwarding documentation and API references
Security assessment
Terminology updates in documentation about security log forwarding. While log forwarding supports security monitoring, the changes themselves don't introduce new security capabilities or address vulnerabilities.
Diff
diff --git a/directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md b/directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md index ee387b698..f4c2b1dd5 100644 --- a//directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md +++ b//directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md @@ -9 +9 @@ Using the console to enable log forwardingUsing CLI or PowerShell to enable log -You can use either the AWS Directory Service console or APIs to forward domain controller security event logs to Amazon CloudWatch Logs for your AWS Managed Microsoft AD. This helps you to meet your security monitoring, audit, and log retention policy requirements by providing transparency of the security events in your directory. +You can use either the Directory Service console or APIs to forward domain controller security event logs to Amazon CloudWatch Logs for your AWS Managed Microsoft AD. This helps you to meet your security monitoring, audit, and log retention policy requirements by providing transparency of the security events in your directory. @@ -36 +36 @@ You can enable Amazon CloudWatch Logs log forwarding for your AWS Managed Micros - 1. In the [AWS Directory Service console](https://console.aws.amazon.com/directoryservicev2/) navigation pane, choose **Directories**. + 1. In the [Directory Service console](https://console.aws.amazon.com/directoryservicev2/) navigation pane, choose **Directories**. @@ -83 +83 @@ For instructions on how to create a CloudWatch Logs group, see [Create a log gro -Create a CloudWatch Logs resource policy granting AWS Directory Service rights to add logs into the new log group you created in Step 1. You can either specify the exact ARN to the log group to limit AWS Directory Service's access to other log groups or use a wild card to include all log groups. The following sample policy uses the wild card method to identify that all log groups that start with `/aws/directoryservice/` for the AWS account where your directory resides will be included. +Create a CloudWatch Logs resource policy granting Directory Service rights to add logs into the new log group you created in Step 1. You can either specify the exact ARN to the log group to limit Directory Service's access to other log groups or use a wild card to include all log groups. The following sample policy uses the wild card method to identify that all log groups that start with `/aws/directoryservice/` for the AWS account where your directory resides will be included. @@ -103 +103 @@ PowerShell Command -### Step 3: Create an AWS Directory Service log subscription +### Step 3: Create an Directory Service log subscription