AWS payment-cryptography documentation change
Summary
Updated API documentation links to point to payment-cryptography-specific references instead of general CLI docs
Security assessment
The change corrects documentation links but does not address a security vulnerability. It maintains documentation about key integrity checks and security controls, which are security features.
Diff
diff --git a/payment-cryptography/latest/userguide/pin-compliance-control-5.md b/payment-cryptography/latest/userguide/pin-compliance-control-5.md index 7d571bc8a..39e8bc69a 100644 --- a//payment-cryptography/latest/userguide/pin-compliance-control-5.md +++ b//payment-cryptography/latest/userguide/pin-compliance-control-5.md @@ -9 +9 @@ _Requirement 17:_ The service provides mechanisms, such as tags and aliases, for -_Requirement 18:_ The service provides key integrity checks, via [GetKey](https://docs.aws.amazon.com/cli/latest/APIReference/API_GetKey) and [ListKeys](https://docs.aws.amazon.com/cli/latest/APIReference/API_ListKeys), and key management events, via AWS CloudTrail, that can be used to detect unauthorized substitution or monitor synchronization of keys between parties. The service stores keys exclusively in key blocks. You are responsible for key storage and use prior to import to and after export from AWS Payment Cryptography. +_Requirement 18:_ The service provides key integrity checks, via [GetKey](https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetKey) and [ListKeys](https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListKeys), and key management events, via AWS CloudTrail, that can be used to detect unauthorized substitution or monitor synchronization of keys between parties. The service stores keys exclusively in key blocks. You are responsible for key storage and use prior to import to and after export from AWS Payment Cryptography. @@ -13 +13 @@ You should have procedures in place for an immediate investigation should any di -_Requirement 19:_ The service uses keys exclusively in key blocks, enforcing KeyUsage, KeyModeOfUse, and other [key attributes](https://docs.aws.amazon.com/cli/latest/APIReference/API_KeyAttributes) for all operations. This includes restriction on private key operations. You should use your public keys for a single purpose e:g encryption or digital signature verification but not both. You should use separate accounts for production and test/development systems. +_Requirement 19:_ The service uses keys exclusively in key blocks, enforcing KeyUsage, KeyModeOfUse, and other [key attributes](https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_KeyAttributes) for all operations. This includes restriction on private key operations. You should use your public keys for a single purpose e:g encryption or digital signature verification but not both. You should use separate accounts for production and test/development systems.