AWS cli documentation change
Summary
Updated description of existing --custom-secret-config parameter to clarify it uses IAM roles for secret access instead of KMS keys, and updated CLI version reference.
Security assessment
The change corrects documentation about how customer-managed secrets are accessed, specifying IAM roles instead of KMS keys. This clarifies security implementation details but doesn't indicate a security issue was fixed. It provides more accurate security documentation.
Diff
diff --git a/cli/latest/reference/datasync/update-location-object-storage.md b/cli/latest/reference/datasync/update-location-object-storage.md index 5587f6770..39163db9c 100644 --- a//cli/latest/reference/datasync/update-location-object-storage.md +++ b//cli/latest/reference/datasync/update-location-object-storage.md @@ -15 +15 @@ - * [AWS CLI 2.34.5 Command Reference](../../index.html) » + * [AWS CLI 2.34.8 Command Reference](../../index.html) » @@ -288 +288 @@ JSON Syntax: -> Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed KMS key. +> Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed Identity and Access Management (IAM) role that provides access to the secret. @@ -475 +475 @@ None - * [AWS CLI 2.34.5 Command Reference](../../index.html) » + * [AWS CLI 2.34.8 Command Reference](../../index.html) »