AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2026-05-28 · Documentation low

File: AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md

Summary

Updated ARN pattern to include both KMS keys and aliases

Security assessment

The change expands the valid ARN pattern format but doesn't address any specific vulnerability or weakness. It's a documentation refinement for encryption configuration without security implications.

Diff

diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md
index a428621f1..6462eb74d 100644
--- a//AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md
+++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md
@@ -42 +42 @@ _Required_ : Yes
- _Pattern_ : `arn:.*:kms:[a-zA-Z0-9\-]+:\d{12}:key/[a-zA-Z_0-9+=,.@\-_/]+`
+ _Pattern_ : `arn:.*:kms:[a-zA-Z0-9\-]+:\d{12}:(key|alias)/[a-zA-Z_0-9+=,.@\-_/]+`