AWS glue medium security documentation change
Summary
Updated JDBC_ENFORCE_SSL parameter to be case-insensitive and adjusted regex pattern reference for KmsKeyArn
Security assessment
Making JDBC_ENFORCE_SSL case-insensitive prevents misconfigurations where users might use uppercase values (e.g., 'True') that previously could have been ignored, potentially leaving SSL unenforced. This directly addresses a security risk by ensuring consistent SSL enforcement.
Diff
diff --git a/glue/latest/dg/aws-glue-api-catalog-connections-connections.md b/glue/latest/dg/aws-glue-api-catalog-connections-connections.md index a64ce528a..b76e03603 100644 --- a//glue/latest/dg/aws-glue-api-catalog-connections-connections.md +++ b//glue/latest/dg/aws-glue-api-catalog-connections-connections.md @@ -96 +96 @@ These key-value pairs define parameters for the connection when using the versio - * `JDBC_ENFORCE_SSL` \- A Boolean string (true, false) specifying whether Secure Sockets Layer (SSL) with hostname matching is enforced for the JDBC connection on the client. The default is false. + * `JDBC_ENFORCE_SSL` \- A case-insensitive Boolean string (true, false) specifying whether Secure Sockets Layer (SSL) with hostname matching is enforced for the JDBC connection on the client. The default is false. @@ -524 +524 @@ The secret manager ARN to store credentials in the CreateConnection request. - * `KmsKeyArn` – UTF-8 string, matching the [Custom string pattern #29](./aws-glue-api-common.html#regex_29). + * `KmsKeyArn` – UTF-8 string, matching the [Custom string pattern #42](./aws-glue-api-common.html#regex_42).