AWS Security ChangesHomeSearch

AWS AmazonRDS documentation change

Service: AmazonRDS · 2026-05-31 · Documentation low

File: AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.AdvSecurity.md

Summary

Added warning about permanent nature of TDE (Transparent Data Encryption) option

Security assessment

Documents critical limitation of a security feature (TDE) but doesn't address a vulnerability. Highlights operational security considerations for encryption deployment.

Diff

diff --git a/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.AdvSecurity.md b/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.AdvSecurity.md
index 3cd4ef06a..daf75bfd3 100644
--- a//AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.AdvSecurity.md
+++ b//AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.AdvSecurity.md
@@ -80,0 +81,4 @@ You might want to determine whether your DB instance is associated with an optio
+###### Important
+
+The TDE option is permanent and cannot be removed from a DB instance. If you need to reverse this decision later, you must decrypt all data, export it, and import into a new DB instance without TDE. Plan accordingly before enabling TDE.
+