AWS aurora-dsql documentation change
Summary
Removed two bullet points from KMS key policy example regarding read-only access for key administrators
Security assessment
The change removes documentation about granting read-only access to KMS key administrators. There's no evidence this relates to a security vulnerability - it appears to be simplifying an example policy rather than addressing a specific security issue.
Diff
diff --git a/aurora-dsql/latest/userguide/data-encryption.md b/aurora-dsql/latest/userguide/data-encryption.md index 43dc4ebe9..bd0511a81 100644 --- a//aurora-dsql/latest/userguide/data-encryption.md +++ b//aurora-dsql/latest/userguide/data-encryption.md @@ -187,2 +186,0 @@ For example, the following example key policy provides only the required permiss - * Gives the AWS KMS key administrators (users who can assume the `db-team` role) read-only access to the AWS KMS key -