AWS managedservices documentation change
Summary
Updated KMS key creation and sharing processes to 'managed automation'
Security assessment
Changes encryption key management workflow but doesn't introduce new security controls. Maintains encryption requirements through automation.
Diff
diff --git a/managedservices/latest/onboardingguide/tools-account-enable.md b/managedservices/latest/onboardingguide/tools-account-enable.md index 7a131ade0..06798b000 100644 --- a//managedservices/latest/onboardingguide/tools-account-enable.md +++ b//managedservices/latest/onboardingguide/tools-account-enable.md @@ -23 +23 @@ Navigate to the AMS console and file the following RFCs: - 1. Create KMS key. Use either [Create KMS Key (auto)](https://docs.aws.amazon.com/managedservices/latest/ctref/ex-kms-key-create-auto-col.html) or [Create KMS Key (review required)](https://docs.aws.amazon.com/managedservices/latest/ctref/ex-kms-key-create-rr-col.html). + 1. Create KMS key. Use either [Create KMS Key (auto)](https://docs.aws.amazon.com/managedservices/latest/ctref/ex-kms-key-create-auto-col.html) or [Create KMS Key (managed automation)](https://docs.aws.amazon.com/managedservices/latest/ctref/ex-kms-key-create-rr-col.html). @@ -29 +29 @@ As you use KMS to encrypt ingested resources, using a single KMS key that is sha -Use the Management | Advanced stack components | KMS key | Share (review required) change type (ct-05yb337abq3x5) to request that the new KMS key be shared with your application accounts where ingested AMIs will reside. +Use the Management | Advanced stack components | KMS key | Share (managed automation) change type (ct-05yb337abq3x5) to request that the new KMS key be shared with your application accounts where ingested AMIs will reside.