AWS Security ChangesHomeSearch

AWS AmazonRDS documentation change

Service: AmazonRDS · 2026-03-28 · Documentation low

File: AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.NET.md

Summary

Removed 'or an Aurora custom endpoint' from the restriction about what cannot be used to generate IAM authentication tokens, now only mentions custom Route 53 DNS records (applied in two locations in the file).

Security assessment

This change updates documentation about IAM database authentication restrictions. It clarifies that Aurora custom endpoints can now be used to generate authentication tokens, which is a feature update rather than a security fix. No evidence of a security vulnerability being addressed.

Diff

diff --git a/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.NET.md b/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.NET.md
index fc5019a14..26baf5cec 100644
--- a//AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.NET.md
+++ b//AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.NET.md
@@ -51 +51 @@ To download a certificate, see [Using SSL/TLS to encrypt a connection to a DB cl
-You cannot use a custom Route 53 DNS record or an Aurora custom endpoint instead of the DB cluster endpoint to generate the authentication token.
+You cannot use a custom Route 53 DNS record instead of the DB cluster endpoint to generate the authentication token.
@@ -114 +114 @@ To download a certificate, see [Using SSL/TLS to encrypt a connection to a DB cl
-You cannot use a custom Route 53 DNS record or an Aurora custom endpoint instead of the DB cluster endpoint to generate the authentication token.
+You cannot use a custom Route 53 DNS record instead of the DB cluster endpoint to generate the authentication token.