AWS securityagent documentation change
Summary
Updated documentation for Private VPC domain verification, clarifying that the penetration test target endpoint domain name must match the full domain name configured for verification.
Security assessment
This change clarifies requirements for private VPC penetration testing domain verification. It improves documentation accuracy but does not address a specific security vulnerability.
Diff
diff --git a/securityagent/latest/userguide/manage-target-domains.md b/securityagent/latest/userguide/manage-target-domains.md index a43ed6e46..6a68256f3 100644 --- a//securityagent/latest/userguide/manage-target-domains.md +++ b//securityagent/latest/userguide/manage-target-domains.md @@ -51 +51 @@ In order for a target domain to be used in a penetration test, it must first be - * **Private VPC domain** : Verify the target domain IP falls within a private CIDR range (see [Connect agent to private VPC resources](./connect-agent-vpc.html) for a list of private CIDR ranges). Click **Verify** and confirm that the target domain status becomes **Unreachable**. This domain can now be used for penetration testing with a configured VPC + * **Private VPC** : Verifies the target domain’s IP falls within a private CIDR range (see [Connect agent to private VPC resources](./connect-agent-vpc.html) for a list of private CIDR ranges). The penetration test target endpoint domain name must match the full domain name configured for verification. Only usable for private VPC penetration testing