AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2026-05-22 · Documentation low

File: solutions/latest/distributed-load-testing-on-aws/how-distributed-load-testing-on-aws-works.md

Summary

Updated workflow diagrams and descriptions: replaced CloudWatch Events with EventBridge Scheduler, clarified MCP Server authorization process, and refined tool invocation steps.

Security assessment

Changes focus on terminology updates (CloudWatch→EventBridge) and workflow clarifications. No security vulnerabilities are mentioned. The authorization clarification emphasizes existing read-only access but doesn't introduce new security features or address vulnerabilities.

Diff

diff --git a/solutions/latest/distributed-load-testing-on-aws/how-distributed-load-testing-on-aws-works.md b/solutions/latest/distributed-load-testing-on-aws/how-distributed-load-testing-on-aws-works.md
index 64825b62a..d4f8f54e6 100644
--- a//solutions/latest/distributed-load-testing-on-aws/how-distributed-load-testing-on-aws-works.md
+++ b//solutions/latest/distributed-load-testing-on-aws/how-distributed-load-testing-on-aws-works.md
@@ -13 +13 @@ The following detailed breakdown shows the steps involved in running a test scen
-###### Test workflow
+**Test workflow**
@@ -15 +15 @@ The following detailed breakdown shows the steps involved in running a test scen
-![image3](/images/solutions/latest/distributed-load-testing-on-aws/images/image3.png)
+![Test workflow diagram](/images/solutions/latest/distributed-load-testing-on-aws/images/test-workflow.png)
@@ -21 +21 @@ The following detailed breakdown shows the steps involved in running a test scen
-  3. An AWS Step Functions state machine runs using the test ID, task count, test type, and file type as the AWS Step Functions state machine input. If the test is scheduled, it will first create a CloudWatch Events rule, which triggers AWS Step Functions on the specified date. For more details on the scheduling workflow, refer to the [Test scheduling workflow](https://docs.aws.amazon.com/solutions/latest/distributed-load-testing-on-aws/test-scheduling-workflow.html) section of this guide.
+  3. An AWS Step Functions state machine runs using the test ID, task count, test type, and file type as the AWS Step Functions state machine input. If the test is scheduled, it will first create an Amazon EventBridge Scheduler schedule, which triggers AWS Step Functions on the specified date. For more details on the scheduling workflow, refer to the [Test scheduling workflow](https://docs.aws.amazon.com/solutions/latest/distributed-load-testing-on-aws/test-scheduling-workflow.html) section of this guide.
@@ -58 +58 @@ If you deploy the optional MCP Server integration, AI agents can access and anal
-**MCP Server architecture**
+**MCP Server workflow**
@@ -60 +60 @@ If you deploy the optional MCP Server integration, AI agents can access and anal
-![MCP Server architecture showing integration with DLT components](/images/solutions/latest/distributed-load-testing-on-aws/images/mcp-server-architecture.png)
+![MCP Server workflow diagram](/images/solutions/latest/distributed-load-testing-on-aws/images/mcp-server-workflow.png)
@@ -62 +62 @@ If you deploy the optional MCP Server integration, AI agents can access and anal
-  1. **Customer interaction** \- The customer interacts with DLT’s MCP via the MCP Endpoint hosted by AWS AgentCore Gateway. AI agents connect to this endpoint to request access to load testing data.
+  1. **Customer interaction** \- The customer interacts with the Distributed Load Testing solution through an AI agent. The agent connects to the MCP Endpoint to request access to load testing data.
@@ -64 +64 @@ If you deploy the optional MCP Server integration, AI agents can access and anal
-  2. **Authorization** \- AgentCore Gateway handles authorization against the Solution Cognito user pool application client. The gateway validates the user’s Cognito token to ensure they have permission to access the DLT MCP server. Authorized users are granted access with agent tool access limited to read-only operations.
+  2. **Authorization** \- AgentCore Gateway validates the user’s Amazon Cognito authentication token to ensure the user has permission to access the DLT MCP Server. Authorized users receive read-only access to load testing data through the available agent tools.
@@ -66 +66 @@ If you deploy the optional MCP Server integration, AI agents can access and anal
-  3. **Tool specification** \- AgentCore Gateway connects to the DLT MCP Server Lambda function. A tool specification defines the available tools that AI agents can use to interact with your load testing data.
+  3. **Tool invocation** \- AgentCore Gateway forwards authorized MCP tool requests to the DLT MCP Tools Lambda function. The Lambda function implements the tools that AI agents use to retrieve load testing information.
@@ -68 +68 @@ If you deploy the optional MCP Server integration, AI agents can access and anal
-  4. **Read-only API access** \- The Lambda function is scoped to read-only API access through the existing DLT API Gateway endpoints. The function provides four primary operations:
+  4. **Read-only API access** \- The DLT MCP Tools Lambda function calls the existing DLT API Gateway endpoints to retrieve test data from DynamoDB, S3, and CloudFormation regional stacks. The Lambda function provides four primary operations: