AWS AmazonCloudWatch documentation change
Summary
Clarified encryption status of environment variables
Security assessment
Added information about encryption-at-rest for environment variables using KMS, improving security documentation without addressing a specific vulnerability.
Diff
diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_WritingCanary_Nodejs_Pup.md index 8c2c2c3c2..7182366e0 100644 --- a/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_WritingCanary_Nodejs_Pup.md +++ b/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_WritingCanary_Nodejs_Pup.md @@ -165 +165 @@ The names of environment variables can contain letters, numbers, and the undersc -The environment variables keys and values are not encrypted. Do not store sensitive information in them. +Environment variable keys and values are encrypted at rest using AWS owned AWS KMS keys. However, the environment variables are not encrypted on the client side. Do not store sensitive information in them.