AWS Security ChangesHomeSearch

AWS cloudhsm documentation change

Service: cloudhsm · 2025-03-30 · Documentation low

File: cloudhsm/latest/userguide/create-2fa.md

Summary

Formatting changes to CAUTION notice, added 'y' confirmation in prompt, corrected signature syntax examples

Security assessment

Changes are formatting improvements and example corrections without addressing vulnerabilities or security features

Diff

diff --git a/cloudhsm/latest/userguide/create-2fa.md b/cloudhsm/latest/userguide/create-2fa.md
index 0a8a684a4..0bb6c2edc 100644
--- a/cloudhsm/latest/userguide/create-2fa.md
+++ b/cloudhsm/latest/userguide/create-2fa.md
@@ -20 +20,2 @@ Use AWS CloudHSM Management Utility CMU (CMU) and the key pair to create a new c
-        *************************CAUTION********************************This is a CRITICAL operation, should be done on all nodes in the
+        *************************CAUTION********************************
+        This is a CRITICAL operation, should be done on all nodes in the
@@ -26 +27 @@ Use AWS CloudHSM Management Utility CMU (CMU) and the key pair to create a new c
-        Do you want to continue(y/n)?
+        Do you want to continue(y/n)? y
@@ -28 +29 @@ Use AWS CloudHSM Management Utility CMU (CMU) and the key pair to create a new c
-        yCreating User exampleuser3(CO) on 1 nodesAuthentication data written to: "/home/ec2-user/authdata"Generate Base64-encoded signatures for SHA256 digests in the authentication datafile. 
+        Creating User exampleuser3(CO) on 1 nodesAuthentication data written to: "/home/ec2-user/authdata"Generate Base64-encoded signatures for SHA256 digests in the authentication datafile. 
@@ -91 +92 @@ This is the PEM format for public key which is accepted in the authdata file.
-          "Signature":””    
+              "Signature": ""   
@@ -118 +118 @@ As shown in the above command, use **openssl pkeyutl** instead of **openssl dgst
-                    "Signature": "Kkdl ... rkrvJ6Q=="
+                    "Signature": <"Kkdl ... rkrvJ6Q==">
@@ -123 +123 @@ As shown in the above command, use **openssl pkeyutl** instead of **openssl dgst
-                    "Signature": "K1hxy ... Q261Q=="
+                    "Signature": <"K1hxy ... Q261Q==">