AWS Security ChangesHomeSearch

AWS awscloudtrail documentation change

Service: awscloudtrail · 2025-11-22 · Documentation low

File: awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.md

Summary

Added documentation for TLS key exchange methods including post-quantum cryptography and updated section title for aggregated events

Security assessment

The addition of the `keyExchange` field description explains cryptographic methods (including post-quantum TLS), which enhances security documentation. However, this does not address a specific security vulnerability.

Diff

diff --git a/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.md b/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.md
index 19b212826..3ece0792f 100644
--- a//awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.md
+++ b//awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.md
@@ -467,0 +468,2 @@ Shows information about the Transport Layer Security (TLS) version, cipher suite
+  * **`keyExchange`** \- The key exchange method used in the TLS handshake. This field indicates whether the connection used classical cryptography or post-quantum cryptography. Example values include `X25519MLKEM768` for post-quantum TLS 1.3, `x25519` for classical TLS 1.3, and `secp256r1` for TLS 1.2.
+
@@ -552 +554 @@ Add resource tag keys and IAM global condition keys to events
-CloudTrail record contents for Insights events for trails
+CloudTrail record contents for aggregated events