AWS Security ChangesHomeSearch

AWS res high security documentation change

Service: res · 2026-06-22 · Security-related high

File: res/archive/release-minus-2/ug/revisions.md

Summary

Added December 2025 release notes detailing security enhancements and fixes

Security assessment

The release notes document multiple security improvements including S3 encryption enforcement, DynamoDB backups, permission hardening, and instance type enforcement fixes that close security gaps.

Diff

diff --git a/res/archive/release-minus-2/ug/revisions.md b/res/archive/release-minus-2/ug/revisions.md
index 08bec2343..8ba3af793 100644
--- a//res/archive/release-minus-2/ug/revisions.md
+++ b//res/archive/release-minus-2/ug/revisions.md
@@ -12,0 +13,24 @@ Date | Change
+December 2025 | 
+
+  * Release version 2025.12 Enhancements
+    * Propagation of custom CloudFormation tags to all RES components during deployment.
+    * Allow administrators to disable Active Directory joining for Windows hosts.
+    * Enable administrators to set default schedules for VDI desktop instances.
+    * S3 bucket access logging enabled for compliance and audit requirements.
+    * SSL/TLS encryption required on all S3 bucket communications.
+    * Enabled point-in-time recovery for RES managed DynamoDB tables.
+    * Updated permissions of /opt/cognito_auth directory to root-only access.
+Changes
+    * Migrated VDC-related APIs out of the VDC EC2 host to the backend Lambda.
+Bug Fixes
+    * Refreshing Allowed Instance Types when launching a new VDI.
+    * Fixed missing dependencies for efs_utils.
+    * Fixed cost dashboard total number of sessions in RES portal.
+    * Fixed issue where users could manually bypass the allowed instance types.
+    * Addressed race condition that could block DCV connection for Linux VDIs.
+    * Added missing operating systems from Software Stack page OS drop-down menu.
+    * Fixed frequent logout issue when using custom domain with Chrome.
+    * Fixed issue where the runtime SSSD configurations are not applied after disabling AD join.
+    * Fixed RES environment deletion failure caused by remaining VDI role.
+
+