AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-03-13 · Documentation low

File: cli/latest/reference/datasync/update-location-object-storage.md

Summary

Updated description of existing --custom-secret-config parameter to clarify it uses IAM roles for secret access instead of KMS keys, and updated CLI version reference.

Security assessment

The change corrects documentation about how customer-managed secrets are accessed, specifying IAM roles instead of KMS keys. This clarifies security implementation details but doesn't indicate a security issue was fixed. It provides more accurate security documentation.

Diff

diff --git a/cli/latest/reference/datasync/update-location-object-storage.md b/cli/latest/reference/datasync/update-location-object-storage.md
index 5587f6770..39163db9c 100644
--- a//cli/latest/reference/datasync/update-location-object-storage.md
+++ b//cli/latest/reference/datasync/update-location-object-storage.md
@@ -15 +15 @@
-  * [AWS CLI 2.34.5 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.8 Command Reference](../../index.html) »
@@ -288 +288 @@ JSON Syntax:
-> Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed KMS key.
+> Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed Identity and Access Management (IAM) role that provides access to the secret.
@@ -475 +475 @@ None
-  * [AWS CLI 2.34.5 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.8 Command Reference](../../index.html) »