AWS cli documentation change
Summary
Added SecurityPolicy parameter documentation for configuring TLS version and cipher suites
Security assessment
Documents new security feature allowing configuration of TLS versions (1.0-1.3) and cipher suites. Enhances security posture but doesn't fix existing vulnerabilities. Adds security documentation for encryption settings.
Diff
diff --git a/cli/latest/reference/cognito-idp/create-user-pool-domain.md b/cli/latest/reference/cognito-idp/create-user-pool-domain.md index c3a6b24a2..a2d817dc7 100644 --- a//cli/latest/reference/cognito-idp/create-user-pool-domain.md +++ b//cli/latest/reference/cognito-idp/create-user-pool-domain.md @@ -15 +15 @@ - * [AWS CLI 2.35.5 Command Reference](../../index.html) » + * [AWS CLI 2.35.8 Command Reference](../../index.html) » @@ -161,0 +162,18 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/cognit +> +> SecurityPolicy -> (string) +> +>> The security policy for the custom domain. Defines the minimum TLS version and cipher suites that CloudFront uses when communicating with viewers (clients). Valid values are as follows: +>> +>> * `TLS_V1` : Supports TLS 1.0 and later. Provides the broadest client compatibility. +>> * `TLS_V1_2_2021` : Supports TLS 1.2 and later with 2021 cipher suites. Recommended minimum for most use cases. +>> * `TLS_V1_3_2025` : Supports TLS 1.3 and later with 2025 cipher suites. Provides the strongest security posture. +>> + +>> +>> Possible values: +>> +>> * `TLS_V1` +>> * `TLS_V1_2_2021` +>> * `TLS_V1_3_2025` +>> + @@ -166 +184 @@ Shorthand Syntax: - CertificateArn=string + CertificateArn=string,SecurityPolicy=string @@ -173 +191,2 @@ JSON Syntax: - "CertificateArn": "string" + "CertificateArn": "string", + "SecurityPolicy": "TLS_V1"|"TLS_V1_2_2021"|"TLS_V1_3_2025" @@ -432 +451 @@ Routing -> (structure) - * [AWS CLI 2.35.5 Command Reference](../../index.html) » + * [AWS CLI 2.35.8 Command Reference](../../index.html) »