AWS AWSCloudFormation documentation change
Summary
Updated KMS key documentation to specify ARN format requirements
Security assessment
Clarifies proper encryption key management but does not address a specific security vulnerability.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-imagebuilder-containerrecipe-ebsinstanceblockdevicespecification.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-imagebuilder-containerrecipe-ebsinstanceblockdevicespecification.md index fab5a3e1b..f9e0f375d 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-properties-imagebuilder-containerrecipe-ebsinstanceblockdevicespecification.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-imagebuilder-containerrecipe-ebsinstanceblockdevicespecification.md @@ -85 +85 @@ _Required_ : No -Use to configure the KMS key to use when encrypting the device. +The Amazon Resource Name (ARN) that uniquely identifies the KMS key to use when encrypting the device. This can be either the Key ARN or the Alias ARN. For more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN) in the _AWS Key Management Service Developer Guide_.