AWS Security ChangesHomeSearch

AWS controltower documentation change

Service: controltower · 2025-11-19 · Documentation low

File: controltower/latest/userguide/2023-all.md

Summary

Updated references from 'AWS CloudFormation' to 'CloudFormation' and clarified drift behavior for a CloudFormation template when KMS encryption is unused.

Security assessment

The change corrects documentation about drift detection in a CloudFormation template but does not address a security vulnerability or introduce security features. While KMS encryption is security-related, the update focuses on template behavior accuracy, not security enhancements or fixes.

Diff

diff --git a/controltower/latest/userguide/2023-all.md b/controltower/latest/userguide/2023-all.md
index d5161ecef..c32a1034e 100644
--- a//controltower/latest/userguide/2023-all.md
+++ b//controltower/latest/userguide/2023-all.md
@@ -109 +109 @@ We added the new `aws:SourceOrgID` condition key to the policy for the AWS Confi
-**Updated AWS CloudFormation template**
+**Updated CloudFormation template**
@@ -111 +111 @@ We added the new `aws:SourceOrgID` condition key to the policy for the AWS Confi
-We updated the AWS CloudFormation template for the stack named `BASELINE-CLOUDTRAIL-MASTER` so that is does not show drift when AWS KMS encryption is not used.
+We updated the CloudFormation template for the stack named `BASELINE-CLOUDTRAIL-MASTER` so that is does not show drift when AWS KMS encryption is not used.