AWS Security ChangesHomeSearch

AWS AmazonRDS documentation change

Service: AmazonRDS · 2026-06-22 · Documentation low

File: AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md

Summary

Added engine-specific service principal configurations for newer AWS regions in Kerberos setup

Security assessment

The change updates authentication documentation for PostgreSQL Kerberos integration in newer regions, ensuring secure configuration. This maintains authentication security but doesn't fix a specific vulnerability.

Diff

diff --git a/AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md b/AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md
index 162a9516b..84a064362 100644
--- a//AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md
+++ b//AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md
@@ -295,0 +296,9 @@ Replace REGION-CODE with the code for your specific Region. For example, use the
+For AWS Regions launched after Israel (Tel Aviv), starting with Canada West (Calgary), use the engine-specific service principal `directoryservice-`engine`.rds.`region-code`.amazonaws.com`, where `engine` is `aurora-postgresql`. For example, for Canada West (Calgary) Region:
+    
+    
+    "Service": [
+      "directoryservice-aurora-postgresql.rds.ca-west-1.amazonaws.com",
+      "rds.ca-west-1.amazonaws.com"
+    ]
+    
+