AWS AWSCloudFormation documentation change
Summary
Added KmsKeyIdentifier property documentation for connection encryption
Security assessment
Documents encryption configuration options using KMS keys as a security feature, but no evidence of addressing a vulnerability
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md b/AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md index d44edd685..40671d37a 100644 --- a//AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md +++ b//AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md @@ -24,0 +25 @@ To declare this entity in your AWS CloudFormation template, use the following sy + "KmsKeyIdentifier" : String, @@ -40,0 +42 @@ To declare this entity in your AWS CloudFormation template, use the following sy + KmsKeyIdentifier: String @@ -101,0 +104,19 @@ _Required_ : No +`KmsKeyIdentifier` + + +The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this connection. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN. + +If you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the connection. + +For more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the _AWS Key Management Service Developer Guide_. + +_Required_ : No + + _Type_ : String + + _Pattern_ : `^[a-zA-Z0-9_\-/:]*$` + +_Maximum_ : `2048` + + _Update requires_ : [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) +