AWS Security ChangesHomeSearch

AWS res medium security documentation change

Service: res · 2026-06-22 · Security-related medium

File: res/archive/release-minus-2/ug/setup-custom-domain-after-install.md

Summary

Updated header to include certificate rotation and added automatic daily certificate retrieval from Secrets Manager

Security assessment

Added certificate rotation documentation and automated secret retrieval. Certificate rotation prevents expired/compromised certificates from being used, addressing potential MITM attacks. The automation ensures timely updates.

Diff

diff --git a/res/archive/release-minus-2/ug/setup-custom-domain-after-install.md b/res/archive/release-minus-2/ug/setup-custom-domain-after-install.md
index 13cd1ca1c..74ea01b17 100644
--- a//res/archive/release-minus-2/ug/setup-custom-domain-after-install.md
+++ b//res/archive/release-minus-2/ug/setup-custom-domain-after-install.md
@@ -46 +46 @@
-###### Add certs to the VDIs
+###### Add certs to the VDIs or rotate certs
@@ -88 +88 @@
-  5. Terminate the existing dcv-gateway instance: ``<env-name>`-vdc-gateway` and wait for a new one to spin up.
+  5. Terminate the existing dcv-gateway instance: ``<env-name>`-vdc-gateway` and wait for a new one to spin up. The dcv-gateway instance checks daily at 12:00 AM (midnight) UTC for changes to the certificate and private key values stored in Secrets Manager, and automatically retrieves and applies new values if updated.