AWS Security ChangesHomeSearch

AWS sap documentation change

Service: sap · 2026-05-19 · Documentation low

File: sap/latest/general/aws-kms.md

Summary

Updated HYOK scenario table structure, added key revocation capability, and corrected image reference from BYOK to HYOK

Security assessment

The change adds documentation about key revocation capabilities (disable/unregister keys) which is a security feature enhancement. No evidence of addressing a specific vulnerability.

Diff

diff --git a/sap/latest/general/aws-kms.md b/sap/latest/general/aws-kms.md
index 83d983b1b..87013a498 100644
--- a//sap/latest/general/aws-kms.md
+++ b//sap/latest/general/aws-kms.md
@@ -15,3 +15,5 @@ This integration allows customers to manage and control the encryption keys used
-Area |  AWS KMS (HYOK Scenario) | Supported Key Types and Key Sizes  
----|---|---  
-AES (256), RSA (3072, 4096) |  Key Management |  Key is created and stored in AWS KMS keystore  
+Area |  AWS KMS (HYOK Scenario)  
+---|---  
+Supported Key Types and Key Sizes |  AES (256), RSA (3072, 4096)  
+Key Management |  Key is created and stored in AWS KMS keystore  
+Key Revocation |  Key can be disabled or unregistered at any time  
@@ -21 +23 @@ Below is the SAP KMS integration with AWS KMS - HYOK
-![The SAP KMS integration with KMS - BYOK](/images/sap/latest/general/images/rise-security-hyok.png)
+![The SAP KMS integration with KMS - HYOK](/images/sap/latest/general/images/rise-security-hyok.png)