AWS AWSCloudFormation documentation change
Summary
Updated terminology from 'AWS CloudFormation' to 'CloudFormation' in multiple sections and link titles
Security assessment
Changes are branding/terminology updates within existing security guidance. No new security features or vulnerability mitigations introduced.
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/security-best-practices.md b/AWSCloudFormation/latest/UserGuide/security-best-practices.md index ba493435e..b424726c5 100644 --- a//AWSCloudFormation/latest/UserGuide/security-best-practices.md +++ b//AWSCloudFormation/latest/UserGuide/security-best-practices.md @@ -9 +9 @@ Use IAM to control accessDo not embed credentials in your templatesUse AWS Cloud -AWS CloudFormation provides a number of security features to consider as you develop and implement your own security policies. The following best practices are general guidelines and don’t represent a complete security solution. Because these best practices might not be appropriate or sufficient for your environment, treat them as helpful considerations rather than prescriptions. +CloudFormation provides a number of security features to consider as you develop and implement your own security policies. The following best practices are general guidelines and don’t represent a complete security solution. Because these best practices might not be appropriate or sufficient for your environment, treat them as helpful considerations rather than prescriptions. @@ -26 +26 @@ IAM is an AWS service that you can use to manage users and their permissions in -In most cases, users require full access to manage all of the resources in a template. CloudFormation makes calls to create, modify, and delete those resources on their behalf. To separate permissions between a user and the CloudFormation service, use a service role. CloudFormation uses the service role's policy to make calls instead of the user's policy. For more information, see [AWS CloudFormation service role](./using-iam-servicerole.html). +In most cases, users require full access to manage all of the resources in a template. CloudFormation makes calls to create, modify, and delete those resources on their behalf. To separate permissions between a user and the CloudFormation service, use a service role. CloudFormation uses the service role's policy to make calls instead of the user's policy. For more information, see [CloudFormation service role](./using-iam-servicerole.html). @@ -40 +40 @@ For more information on defining template parameters, see [CloudFormation templa -AWS CloudTrail tracks anyone making CloudFormation API calls in your AWS account. API calls are logged whenever anyone uses the CloudFormation API, the CloudFormation console, a back-end console, or CloudFormation AWS CLI commands. Enable logging and specify an Amazon S3 bucket to store the logs. That way, if you ever need to, you can audit who made what CloudFormation call in your account. For more information, see [Logging AWS CloudFormation API calls with AWS CloudTrail](./cfn-api-logging-cloudtrail.html). +AWS CloudTrail tracks anyone making CloudFormation API calls in your AWS account. API calls are logged whenever anyone uses the CloudFormation API, the CloudFormation console, a back-end console, or CloudFormation AWS CLI commands. Enable logging and specify an Amazon S3 bucket to store the logs. That way, if you ever need to, you can audit who made what CloudFormation call in your account. For more information, see [Logging CloudFormation API calls with AWS CloudTrail](./cfn-api-logging-cloudtrail.html).