AWS Security ChangesHomeSearch

AWS datasync documentation change

Service: datasync · 2026-03-19 · Documentation low

File: datasync/latest/userguide/API_CreateLocationAzureBlob.md

Summary

Added documentation links for KMS key permissions and secret management best practices

Security assessment

Enhanced guidance about securing credentials with KMS and Secrets Manager improves security documentation but doesn't indicate resolution of a specific vulnerability.

Diff

diff --git a/datasync/latest/userguide/API_CreateLocationAzureBlob.md b/datasync/latest/userguide/API_CreateLocationAzureBlob.md
index 4428ed4b9..d0a7bf6ac 100644
--- a//datasync/latest/userguide/API_CreateLocationAzureBlob.md
+++ b//datasync/latest/userguide/API_CreateLocationAzureBlob.md
@@ -109 +109 @@ When you include this parameter as part of a `CreateLocationAzureBlob` request,
-Make sure that DataSync has permission to access the KMS key that you specify.
+Make sure that DataSync has permission to access the KMS key that you specify. For more information, see [ Using a service-managed secret encrypted with a custom AWS KMS key](https://docs.aws.amazon.com/datasync/latest/userguide/location-credentials.html#service-secret-custom-key).
@@ -135 +135 @@ Required: Yes
-Specifies configuration information for a customer-managed Secrets Manager secret where the authentication token for an AzureBlob storage location is stored in plain text, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.
+Specifies configuration information for a customer-managed Secrets Manager secret where the authentication token for an AzureBlob storage location is stored in plain text, in Secrets Manager. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see [ Using a secret that you manage](https://docs.aws.amazon.com/datasync/latest/userguide/location-credentials.html#custom-secret-custom-key).