AWS Security ChangesHomeSearch

AWS kms documentation change

Service: kms · 2025-07-04 · Documentation low

File: kms/latest/developerguide/keystore-external.md

Summary

Updated links from 'customer-cmk' to 'customer-mgn-key' anchors in two locations

Security assessment

Change updates terminology anchors but maintains existing security context about external key stores. No new security features or vulnerability disclosures introduced.

Diff

diff --git a/kms/latest/developerguide/keystore-external.md b/kms/latest/developerguide/keystore-external.md
index bf192ec5b..a69ae6d8c 100644
--- a//kms/latest/developerguide/keystore-external.md
+++ b//kms/latest/developerguide/keystore-external.md
@@ -15 +15 @@ AWS KMS never interacts directly with your external key manager, and cannot crea
-You can use KMS keys in an external key store for client-side encryption, including with the [AWS Encryption SDK](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/). But external key stores are an important resource for server-side encryption, allowing you to protect your AWS resources in multiple AWS services with your cryptographic keys outside of AWS. AWS services that support [customer managed keys](./concepts.html#customer-cmk) for symmetric encryption also support KMS keys in an external key store. For service support details, see [AWS Service Integration](https://aws.amazon.com/kms/features/#AWS_service_integration).
+You can use KMS keys in an external key store for client-side encryption, including with the [AWS Encryption SDK](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/). But external key stores are an important resource for server-side encryption, allowing you to protect your AWS resources in multiple AWS services with your cryptographic keys outside of AWS. AWS services that support [customer managed keys](./concepts.html#customer-mgn-key) for symmetric encryption also support KMS keys in an external key store. For service support details, see [AWS Service Integration](https://aws.amazon.com/kms/features/#AWS_service_integration).
@@ -56 +56 @@ Review the [Amazon CloudWatch metrics and dimensions](./monitoring-cloudwatch.ht
-External key stores support only symmetric encryption KMS keys. Within AWS KMS, you use and manage KMS keys in an external key store in much the same way that you manage other [customer managed keys](./concepts.html#customer-cmk), including [setting access control policies](./authorize-xks-key-store.html) and [monitoring key use](./monitoring-overview.html). You use the same APIs with the same parameters to request a cryptographic operation with a KMS key in an external key store that you use for any KMS key. Pricing is also the same as for standard KMS keys. For details, see [KMS keys in external key stores](./keystore-external-key-manage.html) and [AWS Key Management Service Pricing](https://aws.amazon.com/kms/pricing/).
+External key stores support only symmetric encryption KMS keys. Within AWS KMS, you use and manage KMS keys in an external key store in much the same way that you manage other [customer managed keys](./concepts.html#customer-mgn-key), including [setting access control policies](./authorize-xks-key-store.html) and [monitoring key use](./monitoring-overview.html). You use the same APIs with the same parameters to request a cryptographic operation with a KMS key in an external key store that you use for any KMS key. Pricing is also the same as for standard KMS keys. For details, see [KMS keys in external key stores](./keystore-external-key-manage.html) and [AWS Key Management Service Pricing](https://aws.amazon.com/kms/pricing/).