AWS config documentation change
Summary
Removed 'AWS::KMS::Key' from resource types for S3 default encryption check
Security assessment
The change corrects the resource types for an AWS Config rule but does not alter the rule's security intent (checking S3 bucket encryption). No evidence of a security vulnerability being addressed.
Diff
diff --git a/config/latest/developerguide/s3-default-encryption-kms.md b/config/latest/developerguide/s3-default-encryption-kms.md index c365e705e..897fe4170 100644 --- a//config/latest/developerguide/s3-default-encryption-kms.md +++ b//config/latest/developerguide/s3-default-encryption-kms.md @@ -13 +13 @@ Checks if the S3 buckets are encrypted with AWS Key Management Service (AWS KMS) -**Resource Types:** AWS::S3::Bucket, AWS::KMS::Key +**Resource Types:** AWS::S3::Bucket