AWS Security ChangesHomeSearch

AWS AmazonCloudWatch high security documentation change

Service: AmazonCloudWatch · 2025-07-04 · Security-related high

File: AmazonCloudWatch/latest/monitoring/CloudWatch-NetworkFlowMonitor-agents-download-agent-commandline.md

Summary

Changed 'gpg --import' to 'rpm --import' in package verification instructions

Security assessment

Using 'rpm --import' instead of 'gpg --import' to import GPG keys could lead to improper package signature verification, creating a security risk if malicious packages are not properly validated. This is a security-related documentation error correction.

Diff

diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch-NetworkFlowMonitor-agents-download-agent-commandline.md b/AmazonCloudWatch/latest/monitoring/CloudWatch-NetworkFlowMonitor-agents-download-agent-commandline.md
index 042e28d37..970e5b03c 100644
--- a//AmazonCloudWatch/latest/monitoring/CloudWatch-NetworkFlowMonitor-agents-download-agent-commandline.md
+++ b//AmazonCloudWatch/latest/monitoring/CloudWatch-NetworkFlowMonitor-agents-download-agent-commandline.md
@@ -119 +119 @@ Follow the steps here to verify the signature of the Network Flow Monitor agent.
-        PS>  gpg --import nfm-agent.gpg
+        PS>  rpm --import nfm-agent.gpg
@@ -197 +197 @@ Next, follow the steps here to verify the RPM package.
-        PS>  gpg --import nfm-agent.gpg
+        PS>  rpm --import nfm-agent.gpg