AWS Security ChangesHomeSearch

AWS vpc documentation change

Service: vpc · 2025-11-22 · Documentation low

File: vpc/latest/peering/what-is-vpc-peering.md

Summary

Added clarification that inter-Region traffic encryption occurs 'before leaving AWS facilities'

Security assessment

This enhances documentation of existing security controls by specifying when encryption is applied. It doesn't address a vulnerability but provides clearer security context about data protection.

Diff

diff --git a/vpc/latest/peering/what-is-vpc-peering.md b/vpc/latest/peering/what-is-vpc-peering.md
index 554cc95d4..4b7158f76 100644
--- a//vpc/latest/peering/what-is-vpc-peering.md
+++ b//vpc/latest/peering/what-is-vpc-peering.md
@@ -19 +19 @@ A VPC peering connection helps you to facilitate the transfer of data. For examp
-When you establish peering relationships between VPCs across different AWS Regions, resources in the VPCs (for example, EC2 instances and Lambda functions) in different AWS Regions can communicate with each other using private IP addresses, without using a gateway, VPN connection, or network appliance. The traffic remains in the private IP address space. All inter-Region traffic is encrypted with no single point of failure, or bandwidth bottleneck. Traffic always stays on the global AWS backbone, and never traverses the public internet, which reduces threats, such as common exploits, and DDoS attacks. Inter-Region VPC peering provides a simple and cost-effective way to share resources between Regions or replicate data for geographic redundancy.
+When you establish peering relationships between VPCs across different AWS Regions, resources in the VPCs (for example, EC2 instances and Lambda functions) in different AWS Regions can communicate with each other using private IP addresses, without using a gateway, VPN connection, or network appliance. The traffic remains in the private IP address space. All inter-Region traffic is encrypted before leaving AWS facilities with no single point of failure, or bandwidth bottleneck. Traffic always stays on the global AWS backbone, and never traverses the public internet, which reduces threats, such as common exploits, and DDoS attacks. Inter-Region VPC peering provides a simple and cost-effective way to share resources between Regions or replicate data for geographic redundancy.