AWS datasync documentation change
Summary
Added links to documentation for CmkSecretConfig and CustomSecretConfig parameters explaining how to use service-managed secrets with custom KMS keys and customer-managed secrets.
Security assessment
This change only adds reference links to existing security documentation. It improves documentation clarity but doesn't introduce new security features or address any security vulnerability.
Diff
diff --git a/datasync/latest/userguide/API_CreateLocationSmb.md b/datasync/latest/userguide/API_CreateLocationSmb.md index fcc9b8ebd..6544ed121 100644 --- a//datasync/latest/userguide/API_CreateLocationSmb.md +++ b//datasync/latest/userguide/API_CreateLocationSmb.md @@ -88 +88 @@ When you include this parameter as part of a `CreateLocationSmbRequest` request, -Make sure that DataSync has permission to access the KMS key that you specify. +Make sure that DataSync has permission to access the KMS key that you specify. For more information, see [ Using a service-managed secret encrypted with a custom AWS KMS key](https://docs.aws.amazon.com/datasync/latest/userguide/location-credentials.html#service-secret-custom-key). @@ -101 +101 @@ Required: No -Specifies configuration information for a customer-managed Secrets Manager secret where the SMB storage location credentials is stored in Secrets Manager as plain text (for `Password`) or binary (for `KerberosKeytab`). This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. +Specifies configuration information for a customer-managed Secrets Manager secret where the SMB storage location credentials is stored in Secrets Manager as plain text (for `Password`) or binary (for `KerberosKeytab`). This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret. For more information, see [ Using a secret that you manage](https://docs.aws.amazon.com/datasync/latest/userguide/location-credentials.html#custom-secret-custom-key).