AWS Security ChangesHomeSearch

AWS deadline-cloud documentation change

Service: deadline-cloud · 2026-01-10 · Documentation low

File: deadline-cloud/latest/userguide/security-best-practices.md

Summary

Updated verification instructions for Deadline Cloud submitter and monitor installers with direct download links and simplified commands

Security assessment

The changes improve documentation for verifying software integrity through digital signatures but don't reference any specific vulnerability. Updates include direct download links and simplified commands without version placeholders, enhancing security best practices for package verification.

Diff

diff --git a/deadline-cloud/latest/userguide/security-best-practices.md b/deadline-cloud/latest/userguide/security-best-practices.md
index 8b064ea3a..4f96f9282 100644
--- a//deadline-cloud/latest/userguide/security-best-practices.md
+++ b//deadline-cloud/latest/userguide/security-best-practices.md
@@ -421 +421,3 @@ To verify the Deadline Cloud submitter installer, complete the following steps:
-    1. Return to the Deadline Cloud [console](https://console.aws.amazon.com/deadlinecloud/home) **Downloads** page and download the signature file for the Deadline Cloud submitter installer.
+    1. Download the signature file for the Deadline Cloud submitter installer.
+
+[Download signature file (.sig)](https://downloads.deadlinecloud.amazonaws.com/submitters/latest/linux/DeadlineCloudSubmitter-linux-x64-installer.run.sig)
@@ -435 +437,9 @@ To verify the Deadline Cloud monitor desktop application with signature files, c
-    1. Return to the Deadline Cloud [console](https://console.aws.amazon.com/deadlinecloud/home) **Downloads** page and download the corresponding .sig file, and then run
+    1. Download the corresponding signature file for your Deadline Cloud monitor installer:
+
+       * [Download .deb signature file](https://downloads.deadlinecloud.amazonaws.com/dcm/latest/deadline-cloud-monitor_amd64.deb.sig)
+
+       * [Download .rpm signature file](https://downloads.deadlinecloud.amazonaws.com/dcm/latest/deadline-cloud-monitor.x86_64.rpm.sig)
+
+       * [Download .AppImage signature file](https://downloads.deadlinecloud.amazonaws.com/dcm/latest/deadline-cloud-monitor_amd64.AppImage.sig)
+
+    2. Verify the signature:
@@ -439 +449 @@ To verify the Deadline Cloud monitor desktop application with signature files, c
-                gpg --verify ./deadline-cloud-monitor_<APP_VERSION>_amd64.deb.sig ./deadline-cloud-monitor_<APP_VERSION>_amd64.deb
+                gpg --verify ./deadline-cloud-monitor_amd64.deb.sig ./deadline-cloud-monitor_amd64.deb
@@ -443 +453 @@ To verify the Deadline Cloud monitor desktop application with signature files, c
-                gpg --verify ./deadline-cloud-monitor_<APP_VERSION>_x86_64.deb.sig ./deadline-cloud-monitor_<APP_VERSION>_x86_64.rpm
+                gpg --verify ./deadline-cloud-monitor.x86_64.rpm.sig ./deadline-cloud-monitor.x86_64.rpm
@@ -447 +457 @@ To verify the Deadline Cloud monitor desktop application with signature files, c
-                gpg --verify ./deadline-cloud-monitor_<APP_VERSION>_amd64.AppImage.sig ./deadline-cloud-monitor_<APP_VERSION>_amd64.AppImage
+                gpg --verify ./deadline-cloud-monitor_amd64.AppImage.sig ./deadline-cloud-monitor_amd64.AppImage
@@ -449 +459 @@ To verify the Deadline Cloud monitor desktop application with signature files, c
-    2. Confirm that the output looks similar to the following:
+    3. Confirm that the output looks similar to the following:
@@ -460 +470 @@ If the output contains the phrase `Good signature from "AWS Deadline Cloud"`, it
-###### Historical Keys
+**Historical Keys**
@@ -525 +535,3 @@ To verify packages that use a Linux .deb binary, first complete steps 1-3 in the
-  1. From the Deadline Cloud [console](https://console.aws.amazon.com/deadlinecloud/home) **Downloads** page, download the Deadline Cloud monitor .deb file.
+  1. Download the Deadline Cloud monitor .deb file:
+
+[Download Deadline Cloud monitor (.deb)](https://downloads.deadlinecloud.amazonaws.com/dcm/latest/deadline-cloud-monitor_amd64.deb)
@@ -527 +539 @@ To verify packages that use a Linux .deb binary, first complete steps 1-3 in the
-  2. Replace `<APP_VERSION>` with the version of the .deb file you want to verify.
+  2. Verify the .deb file:
@@ -529 +541 @@ To verify packages that use a Linux .deb binary, first complete steps 1-3 in the
-        dpkg-sig --verify deadline-cloud-monitor_<APP_VERSION>_amd64.deb
+        dpkg-sig --verify deadline-cloud-monitor_amd64.deb
@@ -533 +545 @@ To verify packages that use a Linux .deb binary, first complete steps 1-3 in the
-        ProcessingLinux deadline-cloud-monitor_<APP_VERSION>_amd64.deb...
+        Processing deadline-cloud-monitor_amd64.deb...
@@ -546 +558,3 @@ To verify packages that use a Linux .rpm binary, first complete steps 1-3 in the
-  1. From the Deadline Cloud [console](https://console.aws.amazon.com/deadlinecloud/home) **Downloads** page, download the Deadline Cloud monitor .rpm file.
+  1. Download the Deadline Cloud monitor .rpm file:
+
+[Download Deadline Cloud monitor (.rpm)](https://downloads.deadlinecloud.amazonaws.com/dcm/latest/deadline-cloud-monitor.x86_64.rpm)
@@ -548 +562 @@ To verify packages that use a Linux .rpm binary, first complete steps 1-3 in the
-  2. Replace `<APP_VERSION>` with the version of the .rpm file to verify.
+  2. Verify the .rpm file:
@@ -552 +566 @@ To verify packages that use a Linux .rpm binary, first complete steps 1-3 in the
-    rpm -K deadline-cloud-monitor-<APP_VERSION>-1.x86_64.rpm
+    rpm -K deadline-cloud-monitor.x86_64.rpm
@@ -556 +570 @@ To verify packages that use a Linux .rpm binary, first complete steps 1-3 in the
-        deadline-cloud-monitor-deadline-cloud-monitor-<APP_VERSION>-1.x86_64.rpm-1.x86_64.rpm: digests signatures OK
+        deadline-cloud-monitor.x86_64.rpm: digests signatures OK