AWS AmazonCloudWatch documentation change
Summary
Clarified that KMS keys cannot be associated with existing log groups using the CloudWatch console
Security assessment
The change improves clarity about KMS key association but does not address a specific security issue
Diff
diff --git a/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md index b33c29047..ff90ea26c 100644 --- a/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md +++ b/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md @@ -35 +35 @@ CloudWatch Logs supports only symmetric KMS keys. Do not use an asymmetric key t - * You cannot associate a KMS key with a log group using the CloudWatch console. + * You can't associate a KMS key with an existing log group using the CloudWatch console.