AWS serverless-application-model documentation change
Summary
Added GPG key expiration notice for SAM CLI installer verification process
Security assessment
Provides advance notice about cryptographic key rotation requirements to maintain verification capabilities. This maintains security practices but doesn't indicate a current vulnerability being patched.
Diff
diff --git a/serverless-application-model/latest/developerguide/reference-sam-cli-install-verify.md b/serverless-application-model/latest/developerguide/reference-sam-cli-install-verify.md index 20c80c5d7..b4eb50c35 100644 --- a//serverless-application-model/latest/developerguide/reference-sam-cli-install-verify.md +++ b//serverless-application-model/latest/developerguide/reference-sam-cli-install-verify.md @@ -21,0 +22,4 @@ When available for your platform, we recommend verifying the signature file opti +###### Important + +The current GPG keys used for AWS SAM CLI Linux installer verification will expire on May 22, 2025. New GPG keys will be published before this date. To ensure you can continue verifying the AWS SAM CLI Linux installer, we recommend you update your GPG keyrings with the new keys when they become available. +