AWS vpc documentation change
Summary
Added clarification that domain-name targets resolving to public IPv6 addresses are not supported.
Security assessment
The change documents a functional limitation (lack of IPv6 support) without evidence of addressing a vulnerability. It doesn't reference security risks, CVEs, or mitigation of exploits.
Diff
diff --git a/vpc/latest/privatelink/resource-configuration.md b/vpc/latest/privatelink/resource-configuration.md index 9f626c706..337e67296 100644 --- a//vpc/latest/privatelink/resource-configuration.md +++ b//vpc/latest/privatelink/resource-configuration.md @@ -159 +159 @@ In the resource configuration, identify the resource in one of the following way - * By a **domain-name target** : You can use any domain name. If you use a private DNS server or your domain is in a Route53 private hosted zone, then the resource gateway must have DNS resolution set to IN_VPC. If your domain name points to an IP that's outside of your VPC, you must have a NAT gateway in your VPC. + * By a **domain-name target** : You can use any domain name. If you use a private DNS server or your domain is in a Route53 private hosted zone, then the resource gateway must have DNS resolution set to IN_VPC. If your domain name points to an IP that's outside of your VPC, you must have a NAT gateway in your VPC. Domain-name targets that resolve to public IPv6 addresses are not supported.