AWS Security ChangesHomeSearch

AWS kms documentation change

Service: kms · 2025-11-01 · Documentation low

File: kms/latest/developerguide/overview.md

Summary

Expanded service description to include data signing capabilities

Security assessment

The update highlights KMS's data signing functionality, which is a security feature, but does not indicate a security issue resolution.

Diff

diff --git a/kms/latest/developerguide/overview.md b/kms/latest/developerguide/overview.md
index 6c9cd2cf8..25e52ad88 100644
--- a//kms/latest/developerguide/overview.md
+++ b//kms/latest/developerguide/overview.md
@@ -9 +9 @@ Why use AWS KMS?AWS KMS in AWS RegionsAWS KMS pricingAWS KMS service level agree
-AWS Key Management Service (AWS KMS) is an AWS managed service that makes it easy for you to create and control the encryption keys that are used to encrypt your data. The AWS KMS keys that you create in AWS KMS are protected by [FIPS 140-3 Security Level 3 validated hardware security modules (HSM)](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4884). They never leave AWS KMS unencrypted. To use or manage your KMS keys, you interact with AWS KMS.
+AWS Key Management Service (AWS KMS) is an AWS managed service that makes it easy for you to create and control the keys used to encrypt and sign your data. The AWS KMS keys that you create in AWS KMS are protected by [FIPS 140-3 Security Level 3 validated hardware security modules (HSM)](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4884). They never leave AWS KMS unencrypted. To use or manage your KMS keys, you interact with AWS KMS.