AWS outposts documentation change
Summary
Updated security group configuration instructions to specify required inbound traffic rules (ICMP, TCP 443, UDP 443) and added a note about both TCP and UDP being required for private connectivity.
Security assessment
The change clarifies network security configuration requirements for AWS Outposts private connectivity. While it improves security documentation by specifying exact ports and protocols, there's no evidence it fixes a specific security vulnerability; it appears to be a documentation correction or enhancement for proper configuration.
Diff
diff --git a/outposts/latest/network-userguide/private-connectivity.md b/outposts/latest/network-userguide/private-connectivity.md index c63b47acf..403790218 100644 --- a//outposts/latest/network-userguide/private-connectivity.md +++ b//outposts/latest/network-userguide/private-connectivity.md @@ -49 +49,11 @@ Do not delete this VPC as it maintains the connection to your Outposts. - * Configure the subnet security group to allow traffic for UDP 443 inbound and outbound directions. + * Configure the security group attached to the network interface to allow the following inbound traffic: + + * ICMP from your specified source + + * TCP port 443 from your specified source + + * UDP port 443 from your specified source + +###### Note + +Both TCP and UDP on port 443 are required for private connectivity to function properly.