AWS cli medium security documentation change
Summary
Added --kms-key-id parameter for encrypting automated reasoning policies
Security assessment
Documents encryption control using KMS keys for policy artifacts. Explicitly addresses data protection through customer-managed encryption keys, a core security feature.
Diff
diff --git a/cli/latest/reference/bedrock/create-automated-reasoning-policy.md b/cli/latest/reference/bedrock/create-automated-reasoning-policy.md index b77e1a286..7375130e7 100644 --- a//cli/latest/reference/bedrock/create-automated-reasoning-policy.md +++ b//cli/latest/reference/bedrock/create-automated-reasoning-policy.md @@ -15 +15 @@ - * [AWS CLI 2.31.13 Command Reference](../../index.html) » + * [AWS CLI 2.31.16 Command Reference](../../index.html) » @@ -72,0 +73 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/bedroc + [--kms-key-id <value>] @@ -359,0 +361,12 @@ JSON Syntax: +`--kms-key-id` (string) + +> The identifier of the KMS key to use for encrypting the automated reasoning policy and its associated artifacts. If you don’t specify a KMS key, Amazon Bedrock uses an KMS managed key for encryption. For enhanced security and control, you can specify a customer managed KMS key. +> +> Constraints: +> +> * min: `1` +> * max: `2048` +> * pattern: `(arn:aws(-[^:]+)?:kms:[a-zA-Z0-9-]*:[0-9]{12}:((key/[a-zA-Z0-9-]{36})|(alias/[a-zA-Z0-9-_/]+)))|([a-zA-Z0-9-]{36})|(alias/[a-zA-Z0-9-_/]+)` +> + + @@ -594 +607 @@ updatedAt -> (timestamp) - * [AWS CLI 2.31.13 Command Reference](../../index.html) » + * [AWS CLI 2.31.16 Command Reference](../../index.html) »