AWS Security ChangesHomeSearch

AWS fsx documentation change

Service: fsx · 2026-02-13 · Documentation low

File: fsx/latest/ONTAPGuide/self-managed-AD-best-practices.md

Summary

Corrected KMS key ARN wildcard syntax and removed redundant encryption context condition

Security assessment

Syntax fixes to policy examples without changing security posture. Removal of duplicate condition improves accuracy but doesn't indicate vulnerability.

Diff

diff --git a/fsx/latest/ONTAPGuide/self-managed-AD-best-practices.md b/fsx/latest/ONTAPGuide/self-managed-AD-best-practices.md
index cbc45767f..58b07dccd 100644
--- a//fsx/latest/ONTAPGuide/self-managed-AD-best-practices.md
+++ b//fsx/latest/ONTAPGuide/self-managed-AD-best-practices.md
@@ -154 +154 @@ For **Encryption Key** , create a new key, don't use the AWS default KMS key. Be
-        "Resource": "arn:aws:kms:us-west-2:123456789012:key:*",
+        "Resource": "arn:aws:kms:us-west-2:123456789012:key/*",
@@ -157 +156,0 @@ For **Encryption Key** , create a new key, don't use the AWS default KMS key. Be
-                "kms:EncryptionContext:SecretARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:*",