AWS AWSCloudFormation high security documentation change
Summary
Added security warning about initialization query exposure
Security assessment
The change explicitly warns about sensitive data exposure in initialization queries, addressing a potential security risk through documentation.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-rds-dbproxytargetgroup-connectionpoolconfigurationinfoformat.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-rds-dbproxytargetgroup-connectionpoolconfigurationinfoformat.md index acd957662..8269d70be 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-properties-rds-dbproxytargetgroup-connectionpoolconfigurationinfoformat.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-rds-dbproxytargetgroup-connectionpoolconfigurationinfoformat.md @@ -68,0 +69,4 @@ Default: no initialization query +###### Important + +Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option. +