AWS AWSCloudFormation documentation change
Summary
Added detailed requirements for SASL client authentication including encryption in transit dependencies and TLS settings
Security assessment
Clarifies security configuration requirements but does not address a specific vulnerability
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-clientauthentication.md b/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-clientauthentication.md index 09cff7501..f1844f4d5 100644 --- a//AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-clientauthentication.md +++ b//AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-clientauthentication.md @@ -39 +39 @@ To declare this entity in your AWS CloudFormation template, use the following sy -Property description not available. +Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT`. If you choose `TLS_PLAINTEXT`, then you must also set `unauthenticated` to true. @@ -50 +50 @@ _Required_ : No -Property description not available. +Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS`. @@ -61 +61 @@ _Required_ : No -Property description not available. +Details for ClientAuthentication using no authentication.