AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2026-03-28 · Documentation low

File: prescriptive-guidance/latest/aws-directory-service-for-microsoft-ad-well-architected-analysis/security-pillar.md

Summary

Fixed typographical errors, updated document reference formatting, and made minor grammatical corrections in security guidance documentation

Security assessment

Changes are editorial corrections (typo fixes, apostrophe standardization, reference formatting) and minor wording adjustments. No security recommendations were added, removed, or substantively changed. The security guidance remains the same with only presentational improvements.

Diff

diff --git a/prescriptive-guidance/latest/aws-directory-service-for-microsoft-ad-well-architected-analysis/security-pillar.md b/prescriptive-guidance/latest/aws-directory-service-for-microsoft-ad-well-architected-analysis/security-pillar.md
index 6714a0f17..46fc54e1f 100644
--- a//prescriptive-guidance/latest/aws-directory-service-for-microsoft-ad-well-architected-analysis/security-pillar.md
+++ b//prescriptive-guidance/latest/aws-directory-service-for-microsoft-ad-well-architected-analysis/security-pillar.md
@@ -9 +9 @@ Implement a strong identity foundationActivate traceabilityApply security to all
-The security pillar focuses on protecting information and systems. The following recommendations can help you meet the security design principles and architectural best practices for AWS Managed Microsoft AD.
+The security pillar focuses on protecting information and systems. The following recommendations can help you meet the**** security design principles and architectural best practices for AWS Managed Microsoft AD.
@@ -28 +28 @@ The security pillar focuses on protecting information and systems. The following
-  * Use group Managed Service Accounts (gMSAs) together with Kerberos constrained delegation to manage service accounts. Make sure that you specify and enforce application trust boundaries by limiting when application services can act on a user’s behalf.
+  * Use group Managed Service Accounts (gMSAs) together with Kerberos constrained delegation to manage service accounts. Make sure that you specify and enforce application trust boundaries by limiting when application services can act on a user's behalf.
@@ -35 +35 @@ The security pillar focuses on protecting information and systems. The following
-  * Activate log forwarding on the directory level to forward domain controller security event logs to Amazon CloudWatch Logs. For more information, see [Enable log forwarding](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.html) in the _AWS Directory Service Administration Guide_.
+  * Activate log forwarding on the directory level to forward domain controller security event logs to Amazon CloudWatch Logs. For more information, see [Enable log forwarding](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.html) in the AWS Directory Service documentation.
@@ -52 +52 @@ The security pillar focuses on protecting information and systems. The following
-  * Configure password policies that meet your security standards. For more information, see [Manage password policies for AWS Managed Microsoft AD](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_password_policies.html) in the _AWS Directory Service Administration Guide_.
+  * Configure password policies that meet your security standards. For more information, see [Manage password policies for AWS Managed Microsoft AD](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_password_policies.html) in the AWS Directory Service documentation.
@@ -54 +54 @@ The security pillar focuses on protecting information and systems. The following
-  * Activate multi-factor authentication (MFA). For more information, see [Enable multi-factor authentication for AWS Managed Microsoft AD](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_mfa.html) in the _AWS Directory Service Administration Guide_.
+  * Activate multi-factor authentication (MFA). For more information, see [Enable multi-factor authentication for AWS Managed Microsoft AD](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_mfa.html) in the AWS Directory Service documentation.
@@ -89 +86 @@ To automate event notifications and responses you can use any of the following A
-  * Activate server- and client-side secure Lightweight Directory Access Protocol (LDAP). For more information, see [Enable secure LDAP (LDAPS)](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_ldap.html) in the _AWS Directory Service Administration Guide_.
+  * Activate server-side and client-side secure Lightweight Directory Access Protocol (LDAP). For more information, see [Enable secure LDAP (LDAPS)](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_ldap.html) in the AWS Directory Service documentation.