AWS AmazonCloudWatch documentation change
Summary
Updated KMS key policy with concrete account ID and region values
Security assessment
Replaces placeholder values with specific examples in encryption documentation, improving implementation guidance without security fixes
Diff
diff --git a/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md b/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md index f10187c56..479f96f56 100644 --- a//AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md +++ b//AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md @@ -144 +144 @@ JSON - "AWS": "arn:aws:iam::Your_account_ID:root" + "AWS": "arn:aws:iam::123456789012:root" @@ -152 +152 @@ JSON - "Service": "logs.region.amazonaws.com" + "Service": "logs.us-east-1.amazonaws.com" @@ -164 +164 @@ JSON - "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:region:account-id:*" + "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:us-east-1:123456789012:*" @@ -229 +229 @@ JSON - "Resource": "arn:aws:kms:us-east-1:account_id:key/key_id" + "Resource": "arn:aws:kms:us-east-1:444455556666:key/key_id"