AWS cli medium security documentation change
Summary
Updated certificate transparency documentation to reflect mandatory logging
Security assessment
Removes opt-out capability for certificate transparency logging, enforcing security best practice. Prevents malicious certificate issuance by mandating public logging.
Diff
diff --git a/cli/latest/reference/acm/describe-certificate.md b/cli/latest/reference/acm/describe-certificate.md index 1490a0fb0..f7e7e6a32 100644 --- a//cli/latest/reference/acm/describe-certificate.md +++ b//cli/latest/reference/acm/describe-certificate.md @@ -15 +15 @@ - * [AWS CLI 2.35.3 Command Reference](../../index.html) » + * [AWS CLI 2.35.5 Command Reference](../../index.html) » @@ -867 +867 @@ Certificate -> (structure) ->> Value that specifies whether to add the certificate to a transparency log. Certificate transparency makes it possible to detect SSL certificates that have been mistakenly or maliciously issued. A browser might respond to certificate that has not been logged by showing an error message. The logs are cryptographically secure. +>> Contains the certificate options. Certificate transparency logging opt-out is no longer available. All public certificates are recorded in a certificate transparency log. @@ -871 +871 @@ Certificate -> (structure) ->>> You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` . +>>> This parameter has been deprecated. Certificate transparency logging opt-out is no longer available. All public certificates are recorded in a certificate transparency log. @@ -901 +901 @@ Certificate -> (structure) - * [AWS CLI 2.35.3 Command Reference](../../index.html) » + * [AWS CLI 2.35.5 Command Reference](../../index.html) »