AWS cloudformation-cli documentation change
Summary
Added CLI example link for activating proactive control-based Hooks and minor text correction
Security assessment
These changes are routine documentation updates for CLI usage examples and typo fixes without security implications.
Diff
diff --git a/cloudformation-cli/latest/hooks-userguide/hook-configuration-schema.md b/cloudformation-cli/latest/hooks-userguide/hook-configuration-schema.md index 534d1ea61..bf4f93369 100644 --- a//cloudformation-cli/latest/hooks-userguide/hook-configuration-schema.md +++ b//cloudformation-cli/latest/hooks-userguide/hook-configuration-schema.md @@ -42,0 +43,3 @@ The following schema is the structure for a Hook configuration schema. + "EncryptionConfiguration": { + "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/abc-123" + }, @@ -95,0 +99,12 @@ _Valid values_ : `FAIL` | `WARN` +`EncryptionConfiguration` + + +Specifies encryption settings for Hook annotations data. + +`KmsKeyId` + + +The alias, alias ARN, key ID, or key ARN of the symmetric encryption AWS KMS key used to encrypt Hook annotations data. For more information, see [KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the AWS KMS docs. + +Before you can create Hooks with customer managed AWS KMS keys, your user or role must have AWS KMS permissions to `DescribeKey` and `GenerateDataKey`. For more information, see [AWS KMS key policy and permissions for encrypting AWS CloudFormation Hooks results at rest](./hooks-kms-key-policy.html). + @@ -104,0 +120,2 @@ For examples of configuring Hooks from the AWS CLI, see the following sections: + * [Activate a proactive control-based Hook (AWS CLI)](./proactive-controls-hooks-activate-hooks.html#proactive-controls-hooks-activate-hooks-cli) + @@ -118 +135 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -View Hook invocations +View Hook invocation results