AWS Security ChangesHomeSearch

AWS securityagent documentation change

Service: securityagent · 2026-06-13 · Documentation low

File: securityagent/latest/userguide/data-protection.md

Summary

Expanded data transfer documentation to include multiple cloud providers and added private connection options via VPC Lattice

Security assessment

The change enhances security documentation by specifying communication endpoints for additional services (GitLab, Bitbucket, Confluence) and introduces Amazon VPC Lattice as a private connection option for self-hosted providers. This provides clearer security guidance but doesn't address a specific vulnerability. The added private connection option documents a security feature for keeping traffic within AWS network.

Diff

diff --git a/securityagent/latest/userguide/data-protection.md b/securityagent/latest/userguide/data-protection.md
index 4e840d96b..217ca957f 100644
--- a//securityagent/latest/userguide/data-protection.md
+++ b//securityagent/latest/userguide/data-protection.md
@@ -68 +68,3 @@ AWS Security Agent uses AWS Key Management Service (AWS KMS) to manage encryptio
-AWS Security Agent uses the public internet to communicate with GitHub.
+AWS Security Agent uses the public internet to communicate with cloud-hosted source control providers (GitHub, GitLab, Bitbucket) and Confluence Cloud.
+
+For self-hosted providers (GitLab Self-Managed, GitHub Enterprise Server), you can configure private connections using Amazon VPC Lattice to keep all traffic within the AWS network. For more information, see [Connect to privately hosted source control](./connect-private-connection.html).