AWS Security ChangesHomeSearch

AWS secretsmanager documentation change

Service: secretsmanager · 2026-01-10 · Documentation medium

File: secretsmanager/latest/userguide/mes-security.md

Summary

Added guidance to restrict IP ingress using AWS EC2 IP ranges for external resource access during secret rotation

Security assessment

Documentation promotes security best practices by recommending network access restrictions, but doesn't address a specific vulnerability or incident. It enhances security awareness without patching a known issue.

Diff

diff --git a/secretsmanager/latest/userguide/mes-security.md b/secretsmanager/latest/userguide/mes-security.md
index 7400a2bad..82cb063c7 100644
--- a//secretsmanager/latest/userguide/mes-security.md
+++ b//secretsmanager/latest/userguide/mes-security.md
@@ -12,0 +13,2 @@ For rotation to function properly, you must provide Secrets Manager with specifi
+You can restrict the IP ingress to your external resource by only allowing the [AWS IP ranges](https://docs.aws.amazon.com/vpc/latest/userguide/aws-ip-ranges.html) for EC2 in the region where your secret exists. This list of IP ranges can change so you should refresh your ingress rules periodically.
+