AWS bedrock documentation change
Summary
Updated KMS ARNs and service endpoints to 'us-east-1' in encryption policy examples
Security assessment
Regional specificity in encryption examples does not indicate security fixes or new security features.
Diff
diff --git a/bedrock/latest/userguide/encryption-flows.md b/bedrock/latest/userguide/encryption-flows.md index 65c87be99..9ab3202f5 100644 --- a//bedrock/latest/userguide/encryption-flows.md +++ b//bedrock/latest/userguide/encryption-flows.md @@ -31 +31 @@ JSON - "Resource": "arn:aws:kms:${region}:${account-id}:key/${key-id}", + "Resource": "arn:aws:kms:us-east-1:${account-id}:key/${key-id}", @@ -35 +35 @@ JSON - "kms:ViaService": "bedrock.${region}.amazonaws.com" + "kms:ViaService": "bedrock.us-east-1.amazonaws.com" @@ -96 +96 @@ JSON - "Resource": "arn:aws:kms:region:account-id:key/key-id", + "Resource": "arn:aws:kms:us-east-1:account-id:key/key-id", @@ -100 +100 @@ JSON - "kms:ViaService": "bedrock.region.amazonaws.com" + "kms:ViaService": "bedrock.us-east-1.amazonaws.com"