AWS AWSSimpleQueueService documentation change
Summary
Added JSON formatting markers and modified KMS key ARN examples
Security assessment
Improves documentation of KMS key policies but does not indicate remediation of a security issue
Diff
diff --git a/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-key-management.md b/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-key-management.md index 2ff4fc53d..ecbb3390c 100644 --- a//AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-key-management.md +++ b//AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-key-management.md @@ -34,0 +35,6 @@ When changing the KMS key for encrypting your Amazon SQS messages, be aware that +JSON + + +**** + + @@ -70,0 +78,6 @@ Add the following statement to the IAM policy of the producer. Remember to use t +JSON + + +**** + + @@ -80 +93 @@ Add the following statement to the IAM policy of the producer. Remember to use t - "Resource": "arn:aws:kms:us-east-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab" + "Resource": "arn:aws:kms:us-east-2:123456789012:key/" @@ -93,0 +108,6 @@ When the data key reuse period expires, the consumer's next call to `ReceiveMess +JSON + + +**** + + @@ -102 +122 @@ When the data key reuse period expires, the consumer's next call to `ReceiveMess - "Resource": "arn:aws:kms:us-east-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab" + "Resource": "arn:aws:kms:us-east-2:123456789012:key/" @@ -117,0 +139,6 @@ In this KMS key policy, a specific resource from _service_ that is owned by acco +JSON + + +**** + +