AWS vpn documentation change
Summary
Added documentation for disabling BGP logging on VPN tunnels and updated terminology from 'tunnel logging' to 'tunnel activity logging'
Security assessment
The change adds documentation about disabling BGP logging capabilities, which is a security monitoring feature. While logging is a security-relevant capability, the change itself documents feature usage rather than addressing a specific vulnerability.
Diff
diff --git a/vpn/latest/s2svpn/disable-logs.md b/vpn/latest/s2svpn/disable-logs.md index 18c0ab82b..009d6222e 100644 --- a//vpn/latest/s2svpn/disable-logs.md +++ b//vpn/latest/s2svpn/disable-logs.md @@ -9 +9 @@ Disable VPN logging on a connection if you no longer want to track any activity -###### To disable tunnel logging on a Site-to-Site VPN connection +###### To disable tunnel activity logging on a Site-to-Site VPN connection @@ -29,0 +30,21 @@ Disable VPN logging on a connection if you no longer want to track any activity +###### To disable tunnel BGP logging on a Site-to-Site VPN connection + + 1. Open the Amazon VPC console at [https://console.aws.amazon.com/vpc/](https://console.aws.amazon.com/vpc/). + + 2. In the navigation pane, choose **Site-to-Site VPN Connections**. + + 3. Select the VPN connection that you want to modify from the **VPN connections** list. + + 4. Select **Actions** , **Modify VPN tunnel options**. + + 5. Select the tunnel that you want to modify by choosing the appropriate IP address from the **VPN tunnel outside IP address** list. + + 6. Under **Tunnel BGP log** , clear **Enable**. + + 7. Select **Save changes**. + + 8. (Optional) Repeat steps 4 through 7 for the other tunnel if desired. + + + +