AWS security-ir documentation change
Summary
Restructured document by removing 'Contents' section, adding 'Topics' section with new subtopics, and updated warning language about sensitive information
Security assessment
This change significantly expands data protection documentation by adding new sections on data collection, residency, and access permissions. It strengthens warning language about sensitive information in tags/free-form fields. While it enhances security documentation, there's no evidence it addresses a specific security vulnerability.
Diff
diff --git a/security-ir/latest/userguide/data-protection.md b/security-ir/latest/userguide/data-protection.md index fb495e43e..66b4b1f6f 100644 --- a//security-ir/latest/userguide/data-protection.md +++ b//security-ir/latest/userguide/data-protection.md @@ -9,7 +8,0 @@ -###### Contents - - * [Data encryption](./data-encryption.html) - - - - @@ -33 +26,14 @@ For data protection purposes, AWS security best practices state that you should -You should never put confidential or sensitive information, such as your email addresses, into tags or free-form text fields such as a **Name** field. This includes when you work with AWS Support or other AWS services using the console, API, AWS CLI, or AWS SDKs. Any data that you enter tags or free-form text fields used for names may be used for billing or diagnostic logs. If you provide a URL to an external server, we _**strongly**_ recommend that you do not include credentials information in the URL to validate your request to that server. +Never put confidential or sensitive information, such as your email addresses, into tags or free-form text fields such as a **Name** field. This includes when you work with AWS Support or other AWS services using the console, API, AWS Command Line Interface, or AWS SDKs. Any data that you enter tags or free-form text fields used for names might be used for billing or diagnostic logs. If you provide a URL to an external server, we _**strongly**_ recommend that you do not include credentials information in the URL to validate your request to that server. + +###### Topics + + * [Data encryption](./data-encryption.html) + + * [Data collection and usage](./data-collection-and-usage.html) + + * [Data residency and regional behavior](./data-residency-and-regional-behavior.html) + + * [Data access and permissions](./data-access-and-permissions.html) + + +