AWS AmazonS3 documentation change
Summary
Removed restriction about default bucket encryption only supporting SSE-S3 for access logging destination buckets
Security assessment
The change removes a limitation statement but doesn't explicitly introduce new security features or address vulnerabilities. It may indicate expanded encryption support but lacks concrete security context in the diff.
Diff
diff --git a/AmazonS3/latest/userguide/enable-server-access-logging.md b/AmazonS3/latest/userguide/enable-server-access-logging.md index 70a5e41e9..3e9ede14f 100644 --- a//AmazonS3/latest/userguide/enable-server-access-logging.md +++ b//AmazonS3/latest/userguide/enable-server-access-logging.md @@ -25,2 +24,0 @@ An access log record contains details about the requests that are made to a buck - * You can use [default bucket encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-bucket-encryption.html) on the destination bucket _only_ if you use server-side encryption with Amazon S3 managed keys (SSE-S3), which uses the 256-bit Advanced Encryption Standard (AES-256). Default server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS) is not supported. -