AWS res medium security documentation change
Summary
Updated CloudFormation URL encoding and added password security guidance
Security assessment
The explicit instruction to use different passwords for Admin and Service accounts directly addresses privilege separation and reduces credential compromise risks. This constitutes a security best practice.
Diff
diff --git a/res/archive/release-minus-2/ug/create-external-resources.md b/res/archive/release-minus-2/ug/create-external-resources.md index 2a0611317..c1128fef7 100644 --- a//res/archive/release-minus-2/ug/create-external-resources.md +++ b//res/archive/release-minus-2/ug/create-external-resources.md @@ -21 +21 @@ Make sure you are in your administrator account. - 2. Launch [ the template](https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/quickcreate?templateURL=https://s3.amazonaws.com/aws-hpc-recipes/main/recipes/res/res_demo_env/assets/bi.yaml) in the console. + 2. Launch [ the template](https://console.aws.amazon.com/cloudformation/home#/stacks/quickcreate?templateURL=https%3A%2F%2Fs3.amazonaws.com%2Faws-hpc-recipes%2Fmain%2Frecipes%2Fres%2Fres_demo_env%2Fassets%2Fbi.yaml) in the console. @@ -26,0 +27,4 @@ If you are deploying in an AWS GovCloud Region, launch the template in your GovC +###### Important + +Use different values for `AdminPassword` and `ServiceAccountPassword` to maintain proper security boundaries between these accounts. +