AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2025-04-18 · Documentation medium

File: AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md

Summary

Added KmsKeyIdentifier property documentation for connection encryption

Security assessment

Documents encryption configuration options using KMS keys as a security feature, but no evidence of addressing a vulnerability

Diff

diff --git a/AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md b/AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md
index d44edd685..40671d37a 100644
--- a//AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md
+++ b//AWSCloudFormation/latest/UserGuide/aws-resource-events-connection.md
@@ -24,0 +25 @@ To declare this entity in your AWS CloudFormation template, use the following sy
+          "KmsKeyIdentifier" : String,
@@ -40,0 +42 @@ To declare this entity in your AWS CloudFormation template, use the following sy
+      KmsKeyIdentifier: String
@@ -101,0 +104,19 @@ _Required_ : No
+`KmsKeyIdentifier`
+    
+
+The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this connection. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.
+
+If you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the connection.
+
+For more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the _AWS Key Management Service Developer Guide_. 
+
+_Required_ : No
+
+ _Type_ : String
+
+ _Pattern_ : `^[a-zA-Z0-9_\-/:]*$`
+
+_Maximum_ : `2048`
+
+ _Update requires_ : [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
+