AWS AWSCloudFormation documentation change
Summary
Added DNS support and SecurityGroupReferencingSupport properties with documentation
Security assessment
SecurityGroupReferencingSupport documentation explains security group configuration best practices, enhancing security posture awareness. No specific vulnerability is addressed.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-networkmanager-vpcattachment-vpcoptions.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-networkmanager-vpcattachment-vpcoptions.md index a607817c3..94c455e5a 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-properties-networkmanager-vpcattachment-vpcoptions.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-networkmanager-vpcattachment-vpcoptions.md @@ -20 +20,3 @@ To declare this entity in your AWS CloudFormation template, use the following sy - "Ipv6Support" : Boolean + "DnsSupport" : Boolean, + "Ipv6Support" : Boolean, + "SecurityGroupReferencingSupport" : Boolean @@ -27,0 +30 @@ To declare this entity in your AWS CloudFormation template, use the following sy + DnsSupport: Boolean @@ -28,0 +32 @@ To declare this entity in your AWS CloudFormation template, use the following sy + SecurityGroupReferencingSupport: Boolean @@ -37,0 +42,11 @@ Indicates whether appliance mode is supported. If enabled, traffic flow between +_Required_ : No + + _Type_ : Boolean + + _Update requires_ : [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) + +`DnsSupport` + + +Indicates whether DNS is supported. + @@ -48,0 +64,11 @@ Indicates whether IPv6 is supported. +_Required_ : No + + _Type_ : Boolean + + _Update requires_ : [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) + +`SecurityGroupReferencingSupport` + + +Indicates whether security group referencing is enabled for this VPC attachment. The default is `true`. However, at the core network policy-level the default is set to `false`. +