AWS cli documentation change
Summary
Added KMSKeyArn parameter for encrypting durable execution payloads
Security assessment
Documents new encryption capability using customer-managed KMS keys for payload data protection, enhancing data security but not addressing a specific vulnerability
Diff
diff --git a/cli/latest/reference/lambda/create-function.md b/cli/latest/reference/lambda/create-function.md index 49b58b8b0..82e541004 100644 --- a//cli/latest/reference/lambda/create-function.md +++ b//cli/latest/reference/lambda/create-function.md @@ -15 +15 @@ - * [AWS CLI 2.35.16 Command Reference](../../index.html) » + * [AWS CLI 2.35.19 Command Reference](../../index.html) » @@ -994,0 +995,12 @@ JSON Syntax: +> +> KMSKeyArn -> (string) +> +>> The ARN of the Key Management Service (KMS) customer managed key that is used to encrypt your durable execution’s payload data, including input, output, and error payloads. +>> +>> Constraints: +>> +>> * min: `0` +>> * max: `10000` +>> * pattern: `(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()` +>> + @@ -1021 +1033 @@ Shorthand Syntax: - RetentionPeriodInDays=integer,ExecutionTimeout=integer + KMSKeyArn=string,RetentionPeriodInDays=integer,ExecutionTimeout=integer @@ -1027,0 +1040 @@ JSON Syntax: + "KMSKeyArn": "string", @@ -2039,0 +2053,12 @@ DurableConfig -> (structure) +> +> KMSKeyArn -> (string) +> +>> The ARN of the Key Management Service (KMS) customer managed key that is used to encrypt your durable execution’s payload data, including input, output, and error payloads. +>> +>> Constraints: +>> +>> * min: `0` +>> * max: `10000` +>> * pattern: `(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()` +>> + @@ -2073 +2098 @@ DurableConfig -> (structure) - * [AWS CLI 2.35.16 Command Reference](../../index.html) » + * [AWS CLI 2.35.19 Command Reference](../../index.html) »