AWS drs documentation change
Summary
Fixed minor grammatical errors and a typo in the infrastructure security documentation, including verb agreement and correcting 'though' to 'through'.
Security assessment
The changes are grammatical fixes ('are based on' to 'is based on') and a typo correction ('though' to 'through'). The content describes existing security practices (TLS 1.2, IAM authentication, key management) but does not introduce new security information, address a specific vulnerability, or document a new security feature. The update is editorial.
Diff
diff --git a/drs/latest/userguide/infrastructure-security.md b/drs/latest/userguide/infrastructure-security.md index 8da555683..1469e000a 100644 --- a//drs/latest/userguide/infrastructure-security.md +++ b//drs/latest/userguide/infrastructure-security.md @@ -15 +15 @@ You use AWS published API calls to access AWS Elastic Disaster Recovery through -All parties involved in the communication authenticate each other using TLS, IAM policies and tokens. The communication between the Agents and the replication server are based on TLS 1.2 only with the highest standard of cipher suite (PFS, ECDHE). Requests between the agent and AWS Elastic Disaster Recovery as well as between the replication server and AWS Elastic Disaster Recovery are signed using an access key ID and a secret access key that is associated with an IAM principal. +All parties involved in the communication authenticate each other using TLS, IAM policies and tokens. The communication between the Agents and the replication server is based on TLS 1.2 only with the highest standard of cipher suite (PFS, ECDHE). Requests between the agent and AWS Elastic Disaster Recovery as well as between the replication server and AWS Elastic Disaster Recovery are signed using an access key ID and a secret access key that is associated with an IAM principal. @@ -19 +19 @@ Additionally, requests must be signed using an access key ID and a secret access -AWS Elastic Disaster Recovery customers must ensure that they manually delete their access keys after installing the AWS Replication Agent and successful recovery. AWS does not delete these keys automatically. AWS Elastic Disaster Recovery does delete the keys from source servers after they are disconnected from the service. If you want your keys to automatically stop working at a certain date after you have finished using them so that you do not have to worry about manually deleting them, you can do so though the [IAM permissions boundary](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) and the [aws:CurrentTime global context key](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-currenttime). +AWS Elastic Disaster Recovery customers must ensure that they manually delete their access keys after installing the AWS Replication Agent and successful recovery. AWS does not delete these keys automatically. AWS Elastic Disaster Recovery does delete the keys from source servers after they are disconnected from the service. If you want your keys to automatically stop working at a certain date after you have finished using them so that you do not have to worry about manually deleting them, you can do so through the [IAM permissions boundary](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) and the [aws:CurrentTime global context key](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-currenttime).