AWS AWSCloudFormation documentation change
Summary
Updated ARN pattern to include both KMS keys and aliases
Security assessment
The change expands the valid ARN pattern format but doesn't address any specific vulnerability or weakness. It's a documentation refinement for encryption configuration without security implications.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md b/AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md index a428621f1..6462eb74d 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-properties-kinesisfirehose-deliverystream-kmsencryptionconfig.md @@ -42 +42 @@ _Required_ : Yes - _Pattern_ : `arn:.*:kms:[a-zA-Z0-9\-]+:\d{12}:key/[a-zA-Z_0-9+=,.@\-_/]+` + _Pattern_ : `arn:.*:kms:[a-zA-Z0-9\-]+:\d{12}:(key|alias)/[a-zA-Z_0-9+=,.@\-_/]+`