AWS prescriptive-guidance documentation change
Summary
Updated breadcrumb title, fixed URL references to Well-Architected Framework, and corrected formatting
Security assessment
URL updates point to current documentation locations but don't change security guidance. Formatting corrections and title changes don't address vulnerabilities or modify security recommendations. Content still promotes security best practices but no new security documentation is added.
Diff
diff --git a/prescriptive-guidance/latest/essential-eight-maturity/restrict-administrative-privileges.md b/prescriptive-guidance/latest/essential-eight-maturity/restrict-administrative-privileges.md index ee7280db3..56b296a27 100644 --- a//prescriptive-guidance/latest/essential-eight-maturity/restrict-administrative-privileges.md +++ b//prescriptive-guidance/latest/essential-eight-maturity/restrict-administrative-privileges.md @@ -5 +5 @@ -[Documentation](/index.html)[AWS Prescriptive Guidance](https://aws.amazon.com/prescriptive-guidance/)[Reaching Essential Eight maturity on AWS](introduction.html) +[Documentation](/index.html)[AWS Prescriptive Guidance](https://aws.amazon.com/prescriptive-guidance/)[Reaching Essential Eight maturity on AWS: Security and compliance for Australian organizations](introduction.html) @@ -17 +17 @@ Privileged accounts are prevented from accessing the internet, email and web ser -Privileged users use separate privileged and unprivileged operating environments. | [Theme 5: Establish a data perimeter](./theme-5.html) | [Establish a data perimeter](https://docs.aws.amazon.com/whitepapers/latest/building-a-data-perimeter-on-aws/building-a-data-perimeter-on-aws.html). Consider implementing data perimeters between environments of different data classifications, such as `OFFICIAL:SENSITIVE` or `PROTECTED`, or different risk levels, such as development, test, or production. | [SEC06-BP03 Reduce manual management and interactive access](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_protect_compute_reduce_manual_management.html) +Privileged users use separate privileged and unprivileged operating environments.| [Theme 5: Establish a data perimeter](./theme-5.html)| [Establish a data perimeter](https://docs.aws.amazon.com/whitepapers/latest/building-a-data-perimeter-on-aws/building-a-data-perimeter-on-aws.html). Consider implementing data perimeters between environments of different data classifications, such as `OFFICIAL:SENSITIVE` or `PROTECTED`, or different risk levels, such as development, test, or production.| [SEC06-BP03 Reduce manual management and interactive access](https://docs.aws.amazon.com/wellarchitected/latest/framework/sec_protect_compute_reduce_manual_management.html) @@ -22 +22 @@ Just-in-time administration is used for administering systems and applications. -Administrative activities are conducted through jump servers. | [Theme 1: Use managed services](./theme-1.html)[Theme 3: Manage mutable infrastructure with automation](./theme-3.html): Use automation rather than manual processes | Use [Session Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html) or [Run Command](https://docs.aws.amazon.com/systems-manager/latest/userguide/run-command.html) instead of direct SSH or RDP access | [SEC01-BP05 Reduce security management scope](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_securely_operate_reduce_management_scope.html)[SEC06-BP03 Reduce manual management and interactive access](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_protect_compute_reduce_manual_management.html) +Administrative activities are conducted through jump servers.| [Theme 1: Use managed services](./theme-1.html)[Theme 3: Manage mutable infrastructure with automation](./theme-3.html): Use automation rather than manual processes| Use [Session Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html) or [Run Command](https://docs.aws.amazon.com/systems-manager/latest/userguide/run-command.html) instead of direct SSH or RDP access| [SEC01-BP05 Reduce security management scope](https://docs.aws.amazon.com/wellarchitected/latest/framework/sec_securely_operate_reduce_management_scope.html)[SEC06-BP03 Reduce manual management and interactive access](https://docs.aws.amazon.com/wellarchitected/latest/framework/sec_protect_compute_reduce_manual_management.html)