AWS cli medium security documentation change
Summary
Updated documentation to reflect removal of transparency logging opt-out
Security assessment
Documents enforcement of certificate transparency logging as mandatory security control. Prevents circumvention of certificate monitoring.
Diff
diff --git a/cli/latest/reference/acm/update-certificate-options.md b/cli/latest/reference/acm/update-certificate-options.md index ca97bb1e7..5aca25535 100644 --- a//cli/latest/reference/acm/update-certificate-options.md +++ b//cli/latest/reference/acm/update-certificate-options.md @@ -15 +15 @@ - * [AWS CLI 2.35.3 Command Reference](../../index.html) » + * [AWS CLI 2.35.5 Command Reference](../../index.html) » @@ -60 +60 @@ First time using the AWS CLI? See the [User Guide](https://docs.aws.amazon.com/c -Updates a certificate. You can use this function to specify whether to opt in to or out of recording your certificate in a certificate transparency log and exporting. For more information, see [Opting Out of Certificate Transparency Logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency) and [Certificate Manager Exportable Managed Certificates](https://docs.aws.amazon.com/acm/latest/userguide/acm-exportable-certificates.html) . +Updates a certificate. You can use this function to specify whether to export your certificate. Certificate transparency logging opt-out is no longer available. For more information, see [Certificate Transparency Logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency) and [Certificate Manager Exportable Managed Certificates](https://docs.aws.amazon.com/acm/latest/userguide/acm-exportable-certificates.html) . @@ -111 +111 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/acm-20 -> Use to update the options for your certificate. Currently, you can specify whether to add your certificate to a transparency log or export your certificate. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser. +> Use to update the options for your certificate. Currently, you can specify whether to export your certificate. Certificate transparency logging opt-out is no longer available. All public certificates are recorded in a certificate transparency log. For more information, see [Certificate Transparency Logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency) . @@ -115 +115 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/acm-20 ->> You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` . +>> This parameter has been deprecated. Certificate transparency logging opt-out is no longer available. All public certificates are recorded in a certificate transparency log. @@ -291 +291 @@ None - * [AWS CLI 2.35.3 Command Reference](../../index.html) » + * [AWS CLI 2.35.5 Command Reference](../../index.html) »