AWS quicksight documentation change
Summary
Updated documentation to clarify that when a 'RetireGrant' event occurs, the resource (not just SPICE dataset) is no longer CMK encrypted
Security assessment
The change improves documentation about encryption status but does not address a specific security vulnerability or incident. It does add clarity to security-related documentation about customer-managed keys.
Diff
diff --git a/quicksight/latest/user/customer-managed-keys-verify-key.md index 68453d856..e2ec25928 100644 --- a/quicksight/latest/user/customer-managed-keys-verify-key.md +++ b/quicksight/latest/user/customer-managed-keys-verify-key.md @@ -54 +54 @@ When a key is used, an audit log is created in AWS CloudTrail. You can use the l -`RetireGrant` – If latest CloudTrail event of the SPICE dataset is `RetireGrant`, there is no key ID and the SPICE dataset is no longer CMK encrypted. +`RetireGrant` – If latest CloudTrail event of the SPICE datasets is `RetireGrant`, there is no key ID and the resource is no longer CMK encrypted.