AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2025-04-11 · Documentation low

File: AWSCloudFormation/latest/UserGuide/aws-resource-iot-scheduledaudit.md

Summary

Fixed typo ('aviable' to 'available') and reformatted audit check examples with proper YAML/JSON syntax

Security assessment

Typo correction and code formatting improvements. The listed security audit checks (certificate expirations, policy checks) were already documented - changes only affect presentation, not security content.

Diff

diff --git a/AWSCloudFormation/latest/UserGuide/aws-resource-iot-scheduledaudit.md b/AWSCloudFormation/latest/UserGuide/aws-resource-iot-scheduledaudit.md
index 09dc13257..cc633d1b8 100644
--- a//AWSCloudFormation/latest/UserGuide/aws-resource-iot-scheduledaudit.md
+++ b//AWSCloudFormation/latest/UserGuide/aws-resource-iot-scheduledaudit.md
@@ -120 +120 @@ Which checks are performed during the scheduled audit. Checks must be enabled fo
-The following checks are currently aviable: 
+The following checks are currently available: 
@@ -187,8 +187,19 @@ In this ScheduledAudit example, all audit checks are enabled, the frequency of t
-    { "AWSTemplateFormatVersion": "2010-09-09", "Description": "Amazon
-                Web Services IoT ScheduledAudit Sample Template", "Resources": { "MyScheduledAudit": {
-                "Type": "AWS::IoT::ScheduledAudit", "Properties": { "ScheduledAuditName":
-                "MyScheduledAudit", "DayOfWeek" : "MON", "Frequency" : "WEEKLY", "TargetCheckNames": [
-                "AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK", "CA_CERTIFICATE_EXPIRING_CHECK",
-                "CA_CERTIFICATE_KEY_QUALITY_CHECK", "CONFLICTING_CLIENT_IDS_CHECK",
-                "DEVICE_CERTIFICATE_EXPIRING_CHECK", "DEVICE_CERTIFICATE_KEY_QUALITY_CHECK",
-                "DEVICE_CERTIFICATE_SHARED_CHECK", "IOT_POLICY_OVERLY_PERMISSIVE_CHECK",
+    {
+      "AWSTemplateFormatVersion": "2010-09-09",
+      "Description": "Amazon Web Services IoT ScheduledAudit Sample Template",
+      "Resources": {
+        "MyScheduledAudit": {
+          "Type": "AWS::IoT::ScheduledAudit",
+          "Properties": {
+            "ScheduledAuditName": "MyScheduledAudit",
+            "DayOfWeek": "MON",
+            "Frequency": "WEEKLY",
+            "TargetCheckNames": [
+              "AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK",
+              "CA_CERTIFICATE_EXPIRING_CHECK",
+              "CA_CERTIFICATE_KEY_QUALITY_CHECK",
+              "CONFLICTING_CLIENT_IDS_CHECK",
+              "DEVICE_CERTIFICATE_EXPIRING_CHECK",
+              "DEVICE_CERTIFICATE_KEY_QUALITY_CHECK",
+              "DEVICE_CERTIFICATE_SHARED_CHECK",
+              "IOT_POLICY_OVERLY_PERMISSIVE_CHECK",
@@ -196 +207,2 @@ In this ScheduledAudit example, all audit checks are enabled, the frequency of t
-                "IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK", "LOGGING_DISABLED_CHECK",
+              "IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK",
+              "LOGGING_DISABLED_CHECK",
@@ -199 +211,6 @@ In this ScheduledAudit example, all audit checks are enabled, the frequency of t
-                "UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK" ] } } } }
+              "UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK"
+            ]
+          }
+        }
+      }
+    }
@@ -204,13 +221,24 @@ In this ScheduledAudit example, all audit checks are enabled, the frequency of t
-    AWSTemplateFormatVersion: '2010-09-09' Description: Amazon Web
-                Services IoT ScheduledAudit Sample Template Resources: MyScheduledAudit: Type:
-                AWS::IoT::ScheduledAudit Properties: ScheduledAuditName: MyScheduledAudit DayOfWeek:
-                'MON' Frequency: WEEKLY TargetCheckNames: -
-                AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK - CA_CERTIFICATE_EXPIRING_CHECK -
-                CA_CERTIFICATE_KEY_QUALITY_CHECK - CONFLICTING_CLIENT_IDS_CHECK -
-                DEVICE_CERTIFICATE_EXPIRING_CHECK - DEVICE_CERTIFICATE_KEY_QUALITY_CHECK -
-                DEVICE_CERTIFICATE_SHARED_CHECK - IOT_POLICY_OVERLY_PERMISSIVE_CHECK -
-                IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK -
-                IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK - LOGGING_DISABLED_CHECK -
-                REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK -
-                REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK -
-                UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK
+    AWSTemplateFormatVersion: '2010-09-09'
+    Description: Amazon Web Services IoT ScheduledAudit Sample Template
+    Resources:
+      MyScheduledAudit:
+        Type: AWS::IoT::ScheduledAudit
+        Properties:
+          ScheduledAuditName: MyScheduledAudit
+          DayOfWeek: 'MON'
+          Frequency: WEEKLY
+          TargetCheckNames:
+            - AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK
+            - CA_CERTIFICATE_EXPIRING_CHECK
+            - CA_CERTIFICATE_KEY_QUALITY_CHECK
+            - CONFLICTING_CLIENT_IDS_CHECK
+            - DEVICE_CERTIFICATE_EXPIRING_CHECK
+            - DEVICE_CERTIFICATE_KEY_QUALITY_CHECK
+            - DEVICE_CERTIFICATE_SHARED_CHECK
+            - IOT_POLICY_OVERLY_PERMISSIVE_CHECK
+            - IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK
+            - IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK
+            - LOGGING_DISABLED_CHECK
+            - REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK
+            - REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK
+            - UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK