AWS deadline-cloud documentation change
Summary
Clarified recommendation about avoiding sensitive data in free-form fields across AWS services
Security assessment
The change adds no new security guidance - merely clarifies existing advice about data handling. No indication of addressing a specific vulnerability.
Diff
diff --git a/deadline-cloud/latest/developerguide/security-best-practices.md b/deadline-cloud/latest/developerguide/security-best-practices.md index a2c74be31..5cf3e6fd5 100644 --- a//deadline-cloud/latest/developerguide/security-best-practices.md +++ b//deadline-cloud/latest/developerguide/security-best-practices.md @@ -34 +34 @@ For data protection purposes, we recommend that you protect AWS account credenti -We strongly recommend that you never put sensitive identifying information, such as your customers' account numbers, into free-form fields such as a **Name** field. This includes when you work with AWS Deadline Cloud or other AWS services using the console, API, AWS CLI, or AWS SDKs. Any data that you enter into Deadline Cloud or other services might get picked up for inclusion in diagnostic logs. When you provide a URL to an external server, don’t include credentials information in the URL to validate your request to that server. +We strongly recommend that you never put sensitive identifying information, such as your customers' account numbers, into free-form fields such as a **Name** field. This recommendation includes when you work with AWS Deadline Cloud or other AWS services using the console, API, AWS CLI, or AWS SDKs. Any data that you enter into Deadline Cloud or other services might get picked up for inclusion in diagnostic logs. When you provide a URL to an external server, don’t include credentials information in the URL to validate your request to that server.