AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-10-25 · Documentation low

File: AmazonS3/latest/userguide/enable-server-access-logging.md

Summary

Removed restriction about default bucket encryption only supporting SSE-S3 for access logging destination buckets

Security assessment

The change removes a limitation statement but doesn't explicitly introduce new security features or address vulnerabilities. It may indicate expanded encryption support but lacks concrete security context in the diff.

Diff

diff --git a/AmazonS3/latest/userguide/enable-server-access-logging.md b/AmazonS3/latest/userguide/enable-server-access-logging.md
index 70a5e41e9..3e9ede14f 100644
--- a//AmazonS3/latest/userguide/enable-server-access-logging.md
+++ b//AmazonS3/latest/userguide/enable-server-access-logging.md
@@ -25,2 +24,0 @@ An access log record contains details about the requests that are made to a buck
-  * You can use [default bucket encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-bucket-encryption.html) on the destination bucket _only_ if you use server-side encryption with Amazon S3 managed keys (SSE-S3), which uses the 256-bit Advanced Encryption Standard (AES-256). Default server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS) is not supported.
-