AWS cli documentation change
Summary
Updated documentation for DebugLogging parameter to clarify logging behavior, costs, and performance impact
Security assessment
The change emphasizes security implications of debug logging (capturing connection/query details) and advises enabling only when necessary. While not addressing a specific vulnerability, it reinforces security best practices for logging sensitive information.
Diff
diff --git a/cli/latest/reference/rds/describe-db-proxies.md b/cli/latest/reference/rds/describe-db-proxies.md index d042744f1..2c8bc31bb 100644 --- a//cli/latest/reference/rds/describe-db-proxies.md +++ b//cli/latest/reference/rds/describe-db-proxies.md @@ -15 +15 @@ - * [AWS CLI 2.28.15 Command Reference](../../index.html) » + * [AWS CLI 2.28.16 Command Reference](../../index.html) » @@ -453 +453 @@ DBProxies -> (list) ->>> Indicates whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs. +>>> Specifies whether the proxy logs detailed connection and query information. When you enable `DebugLogging` , the proxy captures connection details and connection pool behavior from your queries. Debug logging increases CloudWatch costs and can impact proxy performance. Enable this option only when you need to troubleshoot connection or performance issues. @@ -477 +477 @@ Marker -> (string) - * [AWS CLI 2.28.15 Command Reference](../../index.html) » + * [AWS CLI 2.28.16 Command Reference](../../index.html) »