AWS opensearch-service documentation change
Summary
Removed KMS key policy example for OpenSearch Ingestion encryption
Security assessment
The change removes a cryptographic policy example but doesn't indicate any security vulnerability being addressed.
Diff
diff --git a/opensearch-service/latest/developerguide/osis-features-overview.md b/opensearch-service/latest/developerguide/osis-features-overview.md index fc0820d33..850f30c83 100644 --- a//opensearch-service/latest/developerguide/osis-features-overview.md +++ b//opensearch-service/latest/developerguide/osis-features-overview.md @@ -74,23 +73,0 @@ Alternately, you can specify a customer managed key and add the following IAM pe -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "KeyAccess", - "Effect": "Allow", - "Action": [ - "kms:Decrypt", - "kms:GenerateDataKeyWithoutPlaintext" - ], - "Resource": "arn:aws:kms:us-east-1:{aws-account-id}:key/1234abcd-12ab-34cd-56ef-1234567890ab" - } - ] - } - -