AWS Security ChangesHomeSearch

AWS kms documentation change

Service: kms · 2025-12-10 · Documentation low

File: kms/latest/developerguide/dochistory.md

Summary

Added entries for on-demand rotation of imported key material and CloudTrail tlsDetails.keyExchange field support

Security assessment

The 'keyExchange' field documentation addition relates to the post-quantum TLS feature, which is a security enhancement. However, the change itself is a routine feature update announcement without evidence of addressing an active security vulnerability.

Diff

diff --git a/kms/latest/developerguide/dochistory.md b/kms/latest/developerguide/dochistory.md
index 9fe48ca8b..3b1c0051f 100644
--- a//kms/latest/developerguide/dochistory.md
+++ b//kms/latest/developerguide/dochistory.md
@@ -27,0 +28,2 @@ Change| Description| Date
+[Feature update](https://docs.aws.amazon.com/kms/latest/developerguide/rotating-keys-on-demand.html)| AWS KMS supports on-demand rotation of symmetric-encryption, multi-region keys with imported key material.| November 26, 2025  
+[Feature update](https://docs.aws.amazon.com/kms/latest/developerguide/pqtls-how-to.html#pqtls-testing)| AWS KMS supports new `keyExchange` field in the `tlsDetails` section of CloudTrail events.| November 24, 2025