AWS Security ChangesHomeSearch

AWS mgn medium security documentation change

Service: mgn · 2026-06-01 · Security-related medium

File: mgn/latest/ug/connector-register-server-credentials.md

Summary

Updated secret tagging requirements to mandate 'AWSApplicationMigrationServiceManaged=True' tag value instead of empty value.

Security assessment

Enforcing a specific tag value ('True') improves security by ensuring only intentionally tagged secrets are used by the migration service, reducing risk of accidental secret usage. This addresses potential misconfiguration vulnerabilities.

Diff

diff --git a/mgn/latest/ug/connector-register-server-credentials.md b/mgn/latest/ug/connector-register-server-credentials.md
index f538dc9c1..a55b4f801 100644
--- a//mgn/latest/ug/connector-register-server-credentials.md
+++ b//mgn/latest/ug/connector-register-server-credentials.md
@@ -25 +25 @@ To perform actions on your source server, you must provide source server credent
-    * Be sure to add the AWSApplicationMigrationServiceManaged tag to the secret. The value is ignored, and may be left empty.
+    * Be sure to add the `AWSApplicationMigrationServiceManaged` tag to the secret with the value set to `True`.
@@ -65 +65 @@ Specify either:
-    * **Tags** \- Secret key-value pairs will be assigned to the new secret. Note that AWSApplicationMigrationServiceManaged tag will also be added.
+    * **Tags** \- Secret key-value pairs will be assigned to the new secret. Note that `AWSApplicationMigrationServiceManaged` tag will also be added with the value set to `True`.