AWS acm medium security documentation change
Summary
Clarified certificate revocation rules and corrected event detail-type
Security assessment
The change explicitly states that only exported certificates can be revoked, preventing potential misconfigurations where users might assume imported certificates are revocable. This addresses a security-relevant documentation gap that could lead to improper certificate management practices.
Diff
diff --git a/acm/latest/userguide/supported-events.md b/acm/latest/userguide/supported-events.md index faba6b958..7e38907ca 100644 --- a//acm/latest/userguide/supported-events.md +++ b//acm/latest/userguide/supported-events.md @@ -142 +142 @@ Customers can listen on this event to alert them if an ACM issued public or priv -Imported certificates cannot be revoked via revoke-certificate. +Only exported certificates can be revoked. Imported certificates cannot be revoked via revoke-certificate. @@ -176 +176 @@ _ACM Certificate Updated_ events have the following structure. - "detail-type": "ACM Certificate Revoked", + "detail-type": "ACM Certificate Updated",