AWS Security ChangesHomeSearch

AWS lambda documentation change

Service: lambda · 2025-11-22 · Documentation low

File: lambda/latest/dg/services-msk-tutorial.md

Summary

Updated documentation links by adding double slashes in URLs and made minor text clarifications

Security assessment

The changes primarily fix URL formatting (adding double slashes) and update link references. No security vulnerabilities or new security features are mentioned. Security-related content about VPC endpoints and IAM policies remains unchanged except for URL formatting.

Diff

diff --git a/lambda/latest/dg/services-msk-tutorial.md b/lambda/latest/dg/services-msk-tutorial.md
index 287fb1490..a1151e052 100644
--- a//lambda/latest/dg/services-msk-tutorial.md
+++ b//lambda/latest/dg/services-msk-tutorial.md
@@ -36 +36 @@ An AWS account with the following preconfigured resources:
-**To fulfill these prerequisites, we recommend following[Getting started using Amazon MSK](https://docs.aws.amazon.com/msk/latest/developerguide/getting-started.html) in the Amazon MSK documentation.**
+**To fulfill these prerequisites, we recommend following[Getting started using Amazon MSK](https://docs.aws.amazon.com//msk/latest/developerguide/getting-started.html) in the Amazon MSK documentation.**
@@ -38 +38 @@ An AWS account with the following preconfigured resources:
-  * An Amazon MSK cluster. See [Create an Amazon MSK cluster](https://docs.aws.amazon.com/msk/latest/developerguide/create-cluster.html) in _Getting started using Amazon MSK_.
+  * An Amazon MSK cluster. See [Create an Amazon MSK cluster](https://docs.aws.amazon.com//msk/latest/developerguide/create-cluster.html) in _Getting started using Amazon MSK_.
@@ -46 +46 @@ An AWS account with the following preconfigured resources:
-  * A Kafka topic in your Amazon MSK cluster to use for this solution. See [Create a topic](https://docs.aws.amazon.com/msk/latest/developerguide/create-topic.html) in _Getting started using Amazon MSK_.
+  * A Kafka topic in your Amazon MSK cluster to use for this solution. See [Create a topic](https://docs.aws.amazon.com//msk/latest/developerguide/create-topic.html) in _Getting started using Amazon MSK_.
@@ -48 +48 @@ An AWS account with the following preconfigured resources:
-  * A Kafka admin host set up to retrieve information from your Kafka cluster and send Kafka events to your topic for testing, such as an Amazon EC2 instance with the Kafka admin CLI and Amazon MSK IAM library installed. See [Create a client machine](https://docs.aws.amazon.com/msk/latest/developerguide/create-client-machine.html) in _Getting started using Amazon MSK_.
+  * A Kafka admin host set up to retrieve information from your Kafka cluster and send Kafka events to your topic for testing, such as an Amazon EC2 instance with the Kafka admin CLI and Amazon MSK IAM library installed. See [Create a client machine](https://docs.aws.amazon.com//msk/latest/developerguide/create-client-machine.html) in _Getting started using Amazon MSK_.
@@ -103 +103 @@ You can configure the following steps using the AWS Management Console.
-  1. Create a security group for your interface Amazon VPC endpoints, `endpointSecurityGroup`, that allows inbound TCP traffic on 443 from `clusterSecurityGroups`. Follow the procedure in [Create a security group](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-security-groups.html#creating-security-group) in the Amazon EC2 documentation to create a security group. Then, follow the procedure in [Add rules to a security group](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-security-groups.html#adding-security-group-rule) in the Amazon EC2 documentation to add appropriate rules. 
+  1. Create a security group for your interface Amazon VPC endpoints, `endpointSecurityGroup`, that allows inbound TCP traffic on 443 from `clusterSecurityGroups`. Follow the procedure in [Create a security group](https://docs.aws.amazon.com//AWSEC2/latest/UserGuide/working-with-security-groups.html#creating-security-group) in the Amazon EC2 documentation to create a security group. Then, follow the procedure in [Add rules to a security group](https://docs.aws.amazon.com//AWSEC2/latest/UserGuide/working-with-security-groups.html#adding-security-group-rule) in the Amazon EC2 documentation to add appropriate rules. 
@@ -113 +113 @@ When adding your inbound rules, create a rule for each security group in `cluste
-  2. Create an endpoint connecting the Lambda service to the Amazon VPC containing your Amazon MSK cluster. Follow the procedure in [Create an interface endpoint](https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html).
+  2. Create an endpoint connecting the Lambda service to the Amazon VPC containing your Amazon MSK cluster. Follow the procedure in [Create an interface endpoint](https://docs.aws.amazon.com//vpc/latest/privatelink/create-interface-endpoint.html).
@@ -144 +144 @@ When adding your inbound rules, create a rule for each security group in `cluste
-  3. Create an endpoint connecting the AWS STS service to the Amazon VPC containing your Amazon MSK cluster. Follow the procedure in [Create an interface endpoint](https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html).
+  3. Create an endpoint connecting the AWS STS service to the Amazon VPC containing your Amazon MSK cluster. Follow the procedure in [Create an interface endpoint](https://docs.aws.amazon.com//vpc/latest/privatelink/create-interface-endpoint.html).
@@ -181 +181 @@ When adding your inbound rules, create a rule for each security group in `cluste
-Some of this traffic is allowed by default security group rules, so if your cluster is attached to a single security group, and that group has default rules, additional rules are not necessary. To adjust security group rules, follow the procedures in [Add rules to a security group](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-security-groups.html#adding-security-group-rule) in the Amazon EC2 documentation.
+Some of this traffic is allowed by default security group rules, so if your cluster is attached to a single security group, and that group has default rules, additional rules are not necessary. To adjust security group rules, follow the procedures in [Add rules to a security group](https://docs.aws.amazon.com//AWSEC2/latest/UserGuide/working-with-security-groups.html#adding-security-group-rule) in the Amazon EC2 documentation.
@@ -237 +237 @@ JSON
-For more information, consult [Configuring Lambda execution role permissions](./with-msk-permissions.html). When writing your policy:
+For more information, consult [Configuring Lambda permissions for Amazon MSK event source mappings](./with-msk-permissions.html). When writing your policy:
@@ -258 +258 @@ In a production environment, assess `AWSLambdaMSKExecutionRole` to restrict your
-For details about the IAM policy language, see the [IAM documentation](https://docs.aws.amazon.com/iam/).
+For details about the IAM policy language, see the [IAM documentation](https://docs.aws.amazon.com//iam/).
@@ -283 +283 @@ Now that you have written your policy document, create an IAM policy so you can
-For more information, see [Creating IAM policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html) in the IAM documentation.
+For more information, see [Creating IAM policies](https://docs.aws.amazon.com//IAM/latest/UserGuide/access_policies_create.html) in the IAM documentation.