AWS Security ChangesHomeSearch

AWS mgn documentation change

Service: mgn · 2026-06-07 · Documentation low

File: mgn/latest/ug/infrastructure-security.md

Summary

Updated service name references from 'AWS Application Migration Service' to 'AWS Transform MGN' throughout the document

Security assessment

The changes are purely rebranding updates replacing the old service name with the new name 'AWS Transform MGN'. No security content, configurations, or recommendations were modified or added. The security practices described remain identical.

Diff

diff --git a/mgn/latest/ug/infrastructure-security.md b/mgn/latest/ug/infrastructure-security.md
index 62a81c4d9..48044160b 100644
--- a//mgn/latest/ug/infrastructure-security.md
+++ b//mgn/latest/ug/infrastructure-security.md
@@ -5 +5 @@
-[Documentation](/index.html)[Application Migration Service](/mgn/index.html)[User Guide](what-is-mgn.html)
+[Documentation](/index.html)[AWS Transform MGN](/mgn/index.html)[User Guide](what-is-mgn.html)
@@ -9 +9 @@ NEW - You can now accelerate your migration and modernization with AWS Transform
-# Infrastructure security in AWS Application Migration Service
+# Infrastructure security in AWS Transform MGN
@@ -11 +11 @@ NEW - You can now accelerate your migration and modernization with AWS Transform
-As a managed service, AWS Application Migration Service is protected by the AWS global network security procedures that are described in the [Amazon Web Services: Overview of Security Processes ](https://d0.awsstatic.com/whitepapers/Security/AWS_Security_Whitepaper.pdf) whitepaper. 
+As a managed service, AWS Transform MGN is protected by the AWS global network security procedures that are described in the [Amazon Web Services: Overview of Security Processes ](https://d0.awsstatic.com/whitepapers/Security/AWS_Security_Whitepaper.pdf) whitepaper. 
@@ -13 +13 @@ As a managed service, AWS Application Migration Service is protected by the AWS
-You use AWS published API calls to access AWS Application Migration Service through the network. Clients must support Transport Layer Security (TLS) 1.2 or later. Clients must also support cipher suites with perfect forward secrecy (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support these modes. 
+You use AWS published API calls to access AWS Transform MGN through the network. Clients must support Transport Layer Security (TLS) 1.2 or later. Clients must also support cipher suites with perfect forward secrecy (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support these modes. 
@@ -15 +15 @@ You use AWS published API calls to access AWS Application Migration Service thro
-All parties involved in the communication authenticate each other using TLS, IAM policies and tokens. The communication between the Agents and the replication server are based on TLS 1.2 only with the highest standard of cipher suite (PFS, ECDHE. Requests between the agent and AWS Application Migration Service as well as between the replication server and Application Migration Service are signed using an access key ID and a secret access key that is associated with an IAM principal). 
+All parties involved in the communication authenticate each other using TLS, IAM policies and tokens. The communication between the Agents and the replication server are based on TLS 1.2 only with the highest standard of cipher suite (PFS, ECDHE. Requests between the agent and AWS Transform MGN as well as between the replication server and Application Migration Service are signed using an access key ID and a secret access key that is associated with an IAM principal). 
@@ -19 +19 @@ All requests must be signed using the [AWS Security Token Service](https://docs.
-AWS Application Migration Service customers must ensure that they manually delete their access keys after installing the AWS Replication Agent and successful migration. AWS does not delete these keys automatically. AWS Application Migration Service does delete the keys from source servers after they are disconnected from the service. If you want your keys to automatically stop working at a certain date after you have finished using them so that you do not have to worry about manually deleting them, you can do so though the [IAM permissions boundary](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) and the [aws:CurrentTime global context key](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-currenttime). 
+AWS Transform MGN customers must ensure that they manually delete their access keys after installing the AWS Replication Agent and successful migration. AWS does not delete these keys automatically. AWS Transform MGN does delete the keys from source servers after they are disconnected from the service. If you want your keys to automatically stop working at a certain date after you have finished using them so that you do not have to worry about manually deleting them, you can do so though the [IAM permissions boundary](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) and the [aws:CurrentTime global context key](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-currenttime). 
@@ -21 +21 @@ AWS Application Migration Service customers must ensure that they manually delet
-AWS Application Migration Service customers should use [Amazon EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html). 
+AWS Transform MGN customers should use [Amazon EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html). 
@@ -23 +23 @@ AWS Application Migration Service customers should use [Amazon EBS encryption](h
-AWS Application Migration Service customers should secure their replication servers by reducing their exposure to the public internet. This can be done through: 
+AWS Transform MGN customers should secure their replication servers by reducing their exposure to the public internet. This can be done through: 
@@ -32 +32 @@ AWS Application Migration Service customers should secure their replication serv
-AWS Application Migration Service creates and uses the "aws-replication" user within the Linux Source server. The AWS Application Migration Service replication server and AWS Replication Agent run under this user. Although this is not a root user, this user needs to be part of the disk group that grants this user full read and write permissions to block devices. 
+AWS Transform MGN creates and uses the "aws-replication" user within the Linux Source server. The AWS Transform MGN replication server and AWS Replication Agent run under this user. Although this is not a root user, this user needs to be part of the disk group that grants this user full read and write permissions to block devices. 
@@ -36 +36 @@ AWS Application Migration Service creates and uses the "aws-replication" user wi
-AWS Application Migration Service only uses these permissions to read from block devices. 
+AWS Transform MGN only uses these permissions to read from block devices.