AWS AmazonCloudWatch documentation change
Summary
Updated KMS policy examples with specific region (us-east-1) and account ID (111122223333) values
Security assessment
Changes are example standardization without altering security posture. No evidence of addressing vulnerabilities or adding security features.
Diff
diff --git a/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md b/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md index 640cdd31b..b465a1037 100644 --- a//AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md +++ b//AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md @@ -225 +225 @@ JSON - "logs.region.amazonaws.com" + "logs.us-east-1.amazonaws.com" @@ -229 +229 @@ JSON - "Resource": "arn:aws:kms:region:account_id:key/key_id" + "Resource": "arn:aws:kms:us-east-1:account_id:key/key_id" @@ -318 +316 @@ JSON - "AWS": "arn:aws:iam::ACCOUNT-ID:root" + "AWS": "arn:aws:iam::111122223333:root" @@ -338,2 +336 @@ JSON - "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:REGION:ACCOUNT-ID:log- - group:LOG-GROUP-NAME" + "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:us-east-1:ACCOUNT-ID:log-group:LOG-GROUP-NAME" @@ -377 +374 @@ JSON - "AWS": "arn:aws:iam::Your_account_ID:root" + "AWS": "arn:aws:iam::111122223333:root"