AWS Security ChangesHomeSearch

AWS powershell high security documentation change

Service: powershell · 2025-06-13 · Security-related high

File: powershell/v5/userguide/additional-security-considerations.md

Summary

Added documentation about sensitive data redaction in PowerShell V5 logs and configuration override

Security assessment

Explicitly documents security controls for sensitive information redaction in logs, including a warning about increased risk when disabling this protection. The change addresses data leakage prevention through default redaction behavior.

Diff

diff --git a/powershell/v5/userguide/additional-security-considerations.md b/powershell/v5/userguide/additional-security-considerations.md
index 7be724212..0644be245 100644
--- a//powershell/v5/userguide/additional-security-considerations.md
+++ b//powershell/v5/userguide/additional-security-considerations.md
@@ -17 +17,6 @@ Some operations of this tool might return information that could be considered s
-Consider the following best practices:
+Version 5 (V5) of the AWS Tools for PowerShell has been updated to exclude potentially sensitive information from logs by default. If you need to revert to tool behavior that could result in sensitive information being logged, you can do so for a particular PowerShell session by running the following command:
+    
+    
+    Set-AWSConfiguration -RedactSensitiveOutputDisplay $false
+
+If you do revert to previous tool behavior, you are increasing the risk that sensitive information might be logged. In this case, you should consider the following best practices: