AWS AWSCloudFormation high security documentation change
Summary
Added new TLS security policy option 'Policy-Min-TLS-1-2-RFC9151-FIPS-2024-08' to the allowed values for OpenSearch domain endpoint options.
Security assessment
This change adds a new FIPS-compliant TLS security policy that follows RFC9151 standards, which is a security enhancement for OpenSearch domains. The addition of FIPS-compliant TLS policies directly addresses cryptographic security and compliance requirements.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-opensearchservice-domain-domainendpointoptions.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-opensearchservice-domain-domainendpointoptions.md index fec1ee5ef..57bf27171 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-properties-opensearchservice-domain-domainendpointoptions.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-opensearchservice-domain-domainendpointoptions.md @@ -107 +107 @@ _Required_ : No - _Allowed values_ : `Policy-Min-TLS-1-0-2019-07 | Policy-Min-TLS-1-2-2019-07 | Policy-Min-TLS-1-2-PFS-2023-10` + _Allowed values_ : `Policy-Min-TLS-1-0-2019-07 | Policy-Min-TLS-1-2-2019-07 | Policy-Min-TLS-1-2-PFS-2023-10 | Policy-Min-TLS-1-2-RFC9151-FIPS-2024-08`