AWS config documentation change
Summary
Updated region exceptions and swapped parameter order/descriptions for RestrictPublicBuckets and IgnorePublicAcls
Security assessment
Corrects documentation for S3 public access block parameters (security feature), but no evidence of vulnerability remediation. Improves accuracy of security documentation.
Diff
diff --git a/config/latest/developerguide/s3-account-level-public-access-blocks.md b/config/latest/developerguide/s3-account-level-public-access-blocks.md index 274060a5e..57e73e8a0 100644 --- a//config/latest/developerguide/s3-account-level-public-access-blocks.md +++ b//config/latest/developerguide/s3-account-level-public-access-blocks.md @@ -25 +25 @@ This rule is only triggered by configuration changes for the specific region whe -**AWS Region:** All supported AWS regions except Asia Pacific (Thailand), AWS Secret - West, Asia Pacific (Malaysia), Mexico (Central), Asia Pacific (Taipei), Canada West (Calgary) Region +**AWS Region:** All supported AWS regions except China (Beijing), Asia Pacific (Thailand), Asia Pacific (Malaysia), AWS GovCloud (US-East), AWS GovCloud (US-West), Mexico (Central), Israel (Tel Aviv), Asia Pacific (Taipei), Canada West (Calgary), China (Ningxia) Region @@ -29 +29 @@ This rule is only triggered by configuration changes for the specific region whe -IgnorePublicAcls (Optional) +RestrictPublicBuckets (Optional) @@ -34 +34 @@ Default: True -IgnorePublicAcls is enforced or not, default True +RestrictPublicBuckets is enforced or not, default True @@ -50 +50 @@ BlockPublicAcls is enforced or not, default True -RestrictPublicBuckets (Optional) +IgnorePublicAcls (Optional) @@ -55 +55 @@ Default: True -RestrictPublicBuckets is enforced or not, default True +IgnorePublicAcls is enforced or not, default True