AWS res documentation change
Summary
Updated certificate management instructions to include daily automated certificate rotation from Secrets Manager.
Security assessment
The change documents certificate rotation practices, which are security best practices, but there's no evidence of a patched vulnerability. The automation improves security posture proactively.
Diff
diff --git a/res/latest/ug/setup-custom-domain-after-install.md b/res/latest/ug/setup-custom-domain-after-install.md index caf62086b..ea65c6ea1 100644 --- a//res/latest/ug/setup-custom-domain-after-install.md +++ b//res/latest/ug/setup-custom-domain-after-install.md @@ -44 +44 @@ -###### Add certs to the VDIs +###### Add certs to the VDIs or rotate certs @@ -86 +86 @@ - 5. Terminate the existing dcv-gateway instance: ``<env-name>`-vdc-gateway` and wait for a new one to spin up. + 5. Terminate the existing dcv-gateway instance: ``<env-name>`-vdc-gateway` and wait for a new one to spin up. The dcv-gateway instance checks daily at 12:00 AM (midnight) UTC for changes to the certificate and private key values stored in Secrets Manager, and automatically retrieves and applies new values if updated.