AWS Security ChangesHomeSearch

AWS res documentation change

Service: res · 2026-03-28 · Documentation medium

File: res/archive/release-minus-2/ug/launch-the-product.md

Summary

Added Cognito user pool parameters and important note about user responsibility for patching infrastructure/VDI hosts

Security assessment

The change adds security documentation by explicitly stating user responsibility for patching infrastructure, which is a security best practice. However, there's no evidence this addresses a specific security vulnerability.

Diff

diff --git a/res/archive/release-minus-2/ug/launch-the-product.md b/res/archive/release-minus-2/ug/launch-the-product.md
index 6e3796acd..2964bd2be 100644
--- a//res/archive/release-minus-2/ug/launch-the-product.md
+++ b//res/archive/release-minus-2/ug/launch-the-product.md
@@ -71,0 +72,2 @@ PrivateKeySecretARNforVDI |  | _(Optional)_ This ARN secret stores the private k
+CognitoUserPoolId |  | Cognito user pool for user and client authentication. RES will create one by default if no Cognito user pool is specified.  
+CognitoUserPoolDomainUrl  |  | Cognito user pool domain for managed login. This parameter must be provided when the `CognitoUserPoolId` is specified.  
@@ -79,0 +82,4 @@ You can view the status of the stack in the AWS CloudFormation console in the **
+###### Important
+
+You are responsible for patching your infra / VDI hosts after deployment.
+