AWS Security ChangesHomeSearch

AWS sap documentation change

Service: sap · 2026-05-28 · Documentation low

File: sap/latest/general/aws-nitro.md

Summary

Fixed multiple broken links and markdown formatting in Nitro System documentation

Security assessment

The changes are purely cosmetic (link fixes) and don't alter security content. The existing security descriptions about VPC traffic encryption and live updates remain unchanged.

Diff

diff --git a/sap/latest/general/aws-nitro.md b/sap/latest/general/aws-nitro.md
index f1744aa10..48ee89ee6 100644
--- a//sap/latest/general/aws-nitro.md
+++ b//sap/latest/general/aws-nitro.md
@@ -11 +11 @@ AWS Nitro System is the underlying technology used for [Amazon Elastic Compute C
-A traditional virtualization architecture consists of "hypervisor" or "Virtual Machine Monitor (VMM)" and what is commonly known as {https---docs-aws-amazon-com-whitepapers-latest-security-design-of-aws-nitro-system-traditional-virtualization-primer-html----text-Xen-20Project-20calls-20the-20system-E2-80-99s-20dom0}['Dom0’] in Xen project or ["parent partition"](https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/hyper-v-architecture) in Hyper-V. More details on traditional virtualization architecture is available [here](https://docs.aws.amazon.com/whitepapers/latest/security-design-of-aws-nitro-system/traditional-virtualization-primer.html).
+A traditional virtualization architecture consists of "hypervisor" or "Virtual Machine Monitor (VMM)" and what is commonly known as ["Dom0"](https://docs.aws.amazon.com/whitepapers/latest/security-design-of-aws-nitro-system/traditional-virtualization-primer.html) in Xen project or ["parent partition"](https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/hyper-v-architecture) in Hyper-V. More details on traditional virtualization architecture is available [here](https://docs.aws.amazon.com/whitepapers/latest/security-design-of-aws-nitro-system/traditional-virtualization-primer.html).
@@ -25 +25 @@ Nitro Controller - This is the sole outward facing management interface between
-Networking - The newer generation of Nitro cards for VPC transparently encrypt all VPC traffic to other EC2 instances running on hosts also equipped with encryption compatible Nitro Cards. It uses Authenticated Encryption with Associated Data (AEAD) algorithms, with 256-bit encryption. In RISE with SAP, depending on customer’s requirements, different families of compute instances are selected. While AWS provides secure and private connectivity between EC2 instances of all types, in-transit traffic encryption is available between the later generation instances only. Please check whether your RISE with SAP instances are supported for this feature {https---docs-aws-amazon-com-AWSEC2-latest-UserGuide-data-protection-html-encryption-transit}[here].
+Networking - The newer generation of Nitro cards for VPC transparently encrypt all VPC traffic to other EC2 instances running on hosts also equipped with encryption compatible Nitro Cards. It uses Authenticated Encryption with Associated Data (AEAD) algorithms, with 256-bit encryption. In RISE with SAP, depending on customer’s requirements, different families of compute instances are selected. While AWS provides secure and private connectivity between EC2 instances of all types, in-transit traffic encryption is available between the later generation instances only. Please check whether your RISE with SAP instances are supported for this feature [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data-protection.html#encryption-transit).
@@ -66 +66 @@ This simplicity of the Nitro Hypervisor is a significant security benefit compar
-  * Both the Nitro Card firmware and the hypervisor are designed to be live-updatable (zero downtime for customer instances). This eliminates the need for carefully balanced tradeoffs around updates yielding improved security posture. Please find more information {https---d1-awsstatic-com-events-Summits-awsreinforce2023-DAP401-Security-design-of-the-AWS-Nitro-System-pdf}[here].
+  * Both the Nitro Card firmware and the hypervisor are designed to be live-updatable (zero downtime for customer instances). This eliminates the need for carefully balanced tradeoffs around updates yielding improved security posture. Please find more information [here](https://d1.awsstatic.com/events/Summits/awsreinforce2023/DAP401-Security-design-of-the-AWS-Nitro-System.pdf).