AWS Security ChangesHomeSearch

AWS AmazonCloudWatch documentation change

Service: AmazonCloudWatch · 2025-08-13 · Documentation low

File: AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md

Summary

Updated KMS key policy with concrete account ID and region values

Security assessment

Replaces placeholder values with specific examples in encryption documentation, improving implementation guidance without security fixes

Diff

diff --git a/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md b/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md
index f10187c56..479f96f56 100644
--- a//AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md
+++ b//AmazonCloudWatch/latest/logs/encrypt-log-data-kms.md
@@ -144 +144 @@ JSON
-                    "AWS": "arn:aws:iam::Your_account_ID:root"
+                "AWS": "arn:aws:iam::123456789012:root"
@@ -152 +152 @@ JSON
-                    "Service": "logs.region.amazonaws.com"
+                "Service": "logs.us-east-1.amazonaws.com"
@@ -164 +164 @@ JSON
-                        "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:region:account-id:*"
+                    "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:us-east-1:123456789012:*"
@@ -229 +229 @@ JSON
-                "Resource": "arn:aws:kms:us-east-1:account_id:key/key_id"
+                "Resource": "arn:aws:kms:us-east-1:444455556666:key/key_id"