AWS dms documentation change
Summary
Added IAM policy example for Secrets Manager integration with KMS decryption permissions
Security assessment
Documents required permissions for secure secret retrieval and decryption, which is security-related documentation but doesn't indicate a patched vulnerability.
Diff
diff --git a/dms/latest/userguide/security_iam_secretsmanager.md b/dms/latest/userguide/security_iam_secretsmanager.md index 5cf119ea3..0dbfa4a39 100644 --- a//dms/latest/userguide/security_iam_secretsmanager.md +++ b//dms/latest/userguide/security_iam_secretsmanager.md @@ -211,0 +212,27 @@ Depending on your database engine configuration, your database might not fetch t +JSON + + +**** + + + { + "Version":"2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": "secretsmanager:GetSecretValue", + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "kms:Decrypt", + "kms:DescribeKey" + ], + "Resource": "*" + } + ] + } + + +