AWS Security ChangesHomeSearch

AWS guardduty documentation change

Service: guardduty · 2026-06-07 · Documentation low

File: guardduty/latest/ug/data-protection.md

Summary

Updated encryption description for GuardDuty findings from 'AWS KMS using AWS owned customer managed keys' to 'AWS KMS with AWS owned keys'.

Security assessment

The change clarifies encryption implementation details but shows no evidence of addressing a security vulnerability. It enhances documentation of existing security features (encryption at rest) by correcting key management terminology.

Diff

diff --git a/guardduty/latest/ug/data-protection.md b/guardduty/latest/ug/data-protection.md
index a02d2f484..3159b1e00 100644
--- a//guardduty/latest/ug/data-protection.md
+++ b//guardduty/latest/ug/data-protection.md
@@ -36 +36 @@ All GuardDuty customer data is encrypted at rest using AWS encryption solutions.
-GuardDuty data, such as findings, is encrypted at rest using AWS Key Management Service (AWS KMS) using AWS owned customer managed keys.
+GuardDuty data, such as findings, is encrypted at rest using AWS Key Management Service (AWS KMS) with AWS owned keys.