AWS AWSCloudFormation documentation change
Summary
Added documentation about customer-managed KMS encryption for investigation data
Security assessment
Explicitly documents encryption options (security feature) but does not indicate a security vulnerability fix. Improves transparency about data protection mechanisms.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-aiops-investigationgroup-encryptionconfigmap.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-aiops-investigationgroup-encryptionconfigmap.md index 7a8316f0a..9d8e88df6 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-properties-aiops-investigationgroup-encryptionconfigmap.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-aiops-investigationgroup-encryptionconfigmap.md @@ -9 +9 @@ This is the new _AWS CloudFormation Template Reference Guide_. Please update you -The `EncryptionConfigMap` property type specifies Property description not available. for an [AWS::AIOps::InvestigationGroup](./aws-resource-aiops-investigationgroup.html). +Use this structure if you want to use a customer managed AWS KMS key to encrypt your investigation data. If you omit this parameter, CloudWatch investigations will use an AWS key to encrypt the data. For more information, see [Encryption of investigation data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Investigations-Security.html#Investigations-KMS). @@ -36 +36 @@ To declare this entity in your AWS CloudFormation template, use the following sy -Property description not available. +Displays whether investigation data is encrypted by a customer managed key or an AWS owned key.