AWS AWSCloudFormation documentation change
Summary
Added KMS encryption documentation for durable function payloads
Security assessment
Documents encryption capability for sensitive data (input/output/error payloads) using KMS, enhancing security posture but not fixing a specific vulnerability.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-function.md b/AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-function.md index ccb19d21a..40e8a136e 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-function.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-function.md @@ -216 +216 @@ _Required_ : No -Configuration settings for [durable functions](https://docs.aws.amazon.com/lambda/latest/dg/durable-functions.html), including execution timeout and retention period for execution history. +Configuration settings for [durable functions](https://docs.aws.amazon.com/lambda/latest/dg/durable-functions.html), including execution timeout, retention period for execution history, and an optional ARN of the AWS Key Management Service (AWS KMS) customer managed key that is used to encrypt your durable execution's payload data, including input, output, and error payloads.