AWS Security ChangesHomeSearch

AWS kms documentation change

Service: kms · 2026-05-22 · Documentation low

File: kms/latest/developerguide/encrypt_context.md

Summary

Minor edit clarifying that grant constraints are specifically for encryption context.

Security assessment

Cosmetic clarification of existing security documentation with no security implications or new security content.

Diff

diff --git a/kms/latest/developerguide/encrypt_context.md b/kms/latest/developerguide/encrypt_context.md
index 7e9eb5c66..ff07ed9df 100644
--- a//kms/latest/developerguide/encrypt_context.md
+++ b//kms/latest/developerguide/encrypt_context.md
@@ -73 +73 @@ For more information about these encryption context condition keys, see [Conditi
-When you [create a grant](./grants.html), you can include [grant constraints](https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html) that establish conditions for the grant permissions. AWS KMS supports two grant constraints, `EncryptionContextEquals` and `EncryptionContextSubset`, both of which involve the [encryption context](./encrypt_context.html) in a request for a cryptographic operation. When you use these grant constraints, the permissions in the grant are effective only when the encryption context in the request for the cryptographic operation satisfies the requirements of the grant constraints. 
+When you [create a grant](./grants.html), you can include [grant constraints](https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html) that establish conditions for the grant permissions. AWS KMS supports two encryption context grant constraints, `EncryptionContextEquals` and `EncryptionContextSubset`, both of which involve the [encryption context](./encrypt_context.html) in a request for a cryptographic operation. When you use these grant constraints, the permissions in the grant are effective only when the encryption context in the request for the cryptographic operation satisfies the requirements of the grant constraints.