AWS singlesignon documentation change
Summary
Added hyperlink to AWS managed applications and updated encryption context section with direct link to KMS documentation.
Security assessment
The changes enhance existing documentation by adding links and references but do not introduce new security features or address specific vulnerabilities.
Diff
diff --git a/singlesignon/latest/userguide/encryption-at-rest.md b/singlesignon/latest/userguide/encryption-at-rest.md index 1128080d6..69a1eec3b 100644 --- a//singlesignon/latest/userguide/encryption-at-rest.md +++ b//singlesignon/latest/userguide/encryption-at-rest.md @@ -15 +15 @@ IAM Identity Center provides encryption to protect customer data at rest using t - * Establishing and maintaining key policies to restrict access to the key to only IAM principals who need access, such as IAM Identity Center and AWS managed applications in the same AWS Organizations and their administrators. + * Establishing and maintaining key policies to restrict access to the key to only IAM principals who need access, such as IAM Identity Center and [AWS managed applications](./awsapps.html) in the same AWS Organizations and their administrators. @@ -57 +57 @@ For more information on AWS KMS, see [What is AWS Key Management Service?](https -An encryption context is an optional set of non-secret key-value pairs that contain additional contextual information about the data. AWS KMS uses the encryption context as additional authenticated data to support authenticated encryption. When you include an encryption context in a request to encrypt data, AWS KMS binds the encryption context to the encrypted data. To decrypt data, you include the same encryption context in the request. Refer to the [KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html) for more information about encryption context. +An [encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html) is an optional set of non-secret key-value pairs that contain additional contextual information about the data. AWS KMS uses the encryption context as additional authenticated data to support authenticated encryption. When you include an encryption context in a request to encrypt data, AWS KMS binds the encryption context to the encrypted data. To decrypt data, you include the same encryption context in the request. Refer to the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html) for more information about encryption context.