AWS cli documentation change
Summary
Added documentation for VolumeKmsKeyId and RootVolume parameters in NodeDetails structure, mirroring encryption configuration details from create-cluster
Security assessment
Documents the same encryption controls for EBS volumes in cluster node descriptions, providing visibility into security configurations but not indicating any security issue resolution
Diff
diff --git a/cli/latest/reference/sagemaker/describe-cluster-node.md b/cli/latest/reference/sagemaker/describe-cluster-node.md index 0c0d07d14..932f99fc6 100644 --- a//cli/latest/reference/sagemaker/describe-cluster-node.md +++ b//cli/latest/reference/sagemaker/describe-cluster-node.md @@ -15 +15 @@ - * [AWS CLI 2.28.11 Command Reference](../../index.html) » + * [AWS CLI 2.28.12 Command Reference](../../index.html) » @@ -299,0 +300,22 @@ NodeDetails -> (structure) +>>>> +>>>> VolumeKmsKeyId -> (string) +>>>> +>>>>> The ID of a KMS key to encrypt the Amazon EBS volume. +>>>> +>>>> RootVolume -> (boolean) +>>>> +>>>>> Specifies whether the configuration is for the cluster’s root or secondary Amazon EBS volume. You can specify two `ClusterEbsVolumeConfig` fields to configure both the root and secondary volumes. Set the value to `True` if you’d like to provide your own customer managed Amazon Web Services KMS key to encrypt the root volume. When `True` : +>>>>> +>>>>> * The configuration is applied to the root volume. +>>>>> * You can’t specify the `VolumeSizeInGB` field. The size of the root volume is determined for you. +>>>>> * You must specify a KMS key ID for `VolumeKmsKeyId` to encrypt the root volume with your own KMS key instead of an Amazon Web Services owned KMS key. +>>>>> + +>>>>> +>>>>> Otherwise, by default, the value is `False` , and the following applies: +>>>>> +>>>>> * The configuration is applied to the secondary volume, while the root volume is encrypted with an Amazon Web Services owned key. +>>>>> * You must specify the `VolumeSizeInGB` field. +>>>>> * You can optionally specify the `VolumeKmsKeyId` to encrypt the secondary volume with your own KMS key instead of an Amazon Web Services owned KMS key. +>>>>> + @@ -351 +373 @@ NodeDetails -> (structure) - * [AWS CLI 2.28.11 Command Reference](../../index.html) » + * [AWS CLI 2.28.12 Command Reference](../../index.html) »