AWS Security ChangesHomeSearch

AWS directoryservice medium security documentation change

Service: directoryservice · 2026-05-22 · Security-related medium

File: directoryservice/latest/admin-guide/create_hybrid_directory_prereqs.md

Summary

Updated service account requirement from 'Administrator permissions' to 'member of Domain Admins group'

Security assessment

Specifically narrows privileged access requirements to Domain Admins group membership, reducing attack surface by eliminating overly broad administrative permissions. This addresses privilege creep security risks.

Diff

diff --git a/directoryservice/latest/admin-guide/create_hybrid_directory_prereqs.md b/directoryservice/latest/admin-guide/create_hybrid_directory_prereqs.md
index 736557998..8a9c663e1 100644
--- a//directoryservice/latest/admin-guide/create_hybrid_directory_prereqs.md
+++ b//directoryservice/latest/admin-guide/create_hybrid_directory_prereqs.md
@@ -50 +50 @@ Gather the following information about your self-managed AD:
-  * Service account credentials with Administrator permissions to your self-managed AD
+  * A service account credential that is a member of the Domain Admins group in your self-managed AD