AWS AWSCloudFormation documentation change
Summary
Clarified example about using rules to enforce parameter dependencies when SSL is enabled
Security assessment
The change emphasizes using CloudFormation rules to ensure required security parameters (certificate and domain name) are provided when SSL is enabled. While this promotes secure configuration practices, there's no evidence of addressing a specific security vulnerability.
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/rules-section-structure.md b/AWSCloudFormation/latest/UserGuide/rules-section-structure.md index f121762ac..13b39d2d5 100644 --- a//AWSCloudFormation/latest/UserGuide/rules-section-structure.md +++ b//AWSCloudFormation/latest/UserGuide/rules-section-structure.md @@ -11 +11 @@ The `Rules` section is an optional part of a CloudFormation template that enable -Rules are useful when standard parameter constraints are insufficient. For example, if SSL is enabled, both a certificate and domain name must be provided. +Rules are useful when standard parameter constraints are insufficient. For example, when SSL is enabled, both a certificate and domain name must be provided. A rule can ensure that these dependencies are met.