AWS AmazonRDS documentation change
Summary
Added engine-specific service principal configurations for newer AWS regions in Kerberos setup
Security assessment
The change updates authentication documentation for PostgreSQL Kerberos integration in newer regions, ensuring secure configuration. This maintains authentication security but doesn't fix a specific vulnerability.
Diff
diff --git a/AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md b/AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md index 162a9516b..84a064362 100644 --- a//AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md +++ b//AmazonRDS/latest/AuroraUserGuide/postgresql-kerberos-setting-up.md @@ -295,0 +296,9 @@ Replace REGION-CODE with the code for your specific Region. For example, use the +For AWS Regions launched after Israel (Tel Aviv), starting with Canada West (Calgary), use the engine-specific service principal `directoryservice-`engine`.rds.`region-code`.amazonaws.com`, where `engine` is `aurora-postgresql`. For example, for Canada West (Calgary) Region: + + + "Service": [ + "directoryservice-aurora-postgresql.rds.ca-west-1.amazonaws.com", + "rds.ca-west-1.amazonaws.com" + ] + +