AWS securityagent documentation change
Summary
Added note explaining automatic sub-domain coverage for DNS/HTTP verification methods and explicit requirements for Private VPC verification.
Security assessment
Documents security validation scope for penetration testing domains. Clarifies security boundaries between verification methods without addressing vulnerabilities.
Diff
diff --git a/securityagent/latest/userguide/enable-test-domain.md b/securityagent/latest/userguide/enable-test-domain.md index 5999c54de..028a46287 100644 --- a//securityagent/latest/userguide/enable-test-domain.md +++ b//securityagent/latest/userguide/enable-test-domain.md @@ -29,0 +30,4 @@ You can add a base domain or a sub-domain, such as `example.com` or `billing.exa +###### Note + +When you verify a domain using DNS TXT or HTTP route verification, sub-domains of that domain are automatically covered. For example, verifying `example.com` allows you to test `api.example.com` or `billing.example.com` without additional verification. For Private VPC verification, the target endpoint domain name must match the full domain name configured for verification. +