AWS cli documentation change
Summary
Added documentation about S3 access points for Amazon FSx requiring 'aws:fsx' encryption and default encryption behavior for FSx file systems
Security assessment
The change documents encryption requirements and default encryption behavior for FSx file systems accessed via S3 access points. While it describes security features, there's no indication of addressing a specific vulnerability.
Diff
diff --git a/cli/latest/reference/s3api/copy-object.md b/cli/latest/reference/s3api/copy-object.md index 99be4cafd..7e85f14bf 100644 --- a//cli/latest/reference/s3api/copy-object.md +++ b//cli/latest/reference/s3api/copy-object.md @@ -15 +15 @@ - * [AWS CLI 2.27.42 Command Reference](../../index.html) » + * [AWS CLI 2.27.45 Command Reference](../../index.html) » @@ -520,0 +521 @@ JSON Syntax: +> * **S3 access points for Amazon FSx** \- When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx` . All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx. @@ -526,0 +528 @@ JSON Syntax: +> * `aws:fsx` @@ -566,0 +569 @@ JSON Syntax: +> * `FSX_OPENZFS` @@ -932 +935,5 @@ ServerSideEncryption -> (string) -> The server-side encryption algorithm used when you store this object in Amazon S3 (for example, `AES256` , `aws:kms` , `aws:kms:dsse` ). +> The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx. +> +> ### Note +> +> When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is `aws:fsx` . @@ -980 +987 @@ RequestCharged -> (string) - * [AWS CLI 2.27.42 Command Reference](../../index.html) » + * [AWS CLI 2.27.45 Command Reference](../../index.html) »