AWS cli documentation change
Summary
Added documentation for KmsKeyArn field describing customer-managed KMS key encryption for canary environment variables
Security assessment
The change documents encryption capability for environment variables using customer-managed KMS keys, enhancing security posture but not addressing a specific vulnerability
Diff
diff --git a/cli/latest/reference/synthetics/describe-canaries.md b/cli/latest/reference/synthetics/describe-canaries.md index 227d04193..4589c339c 100644 --- a//cli/latest/reference/synthetics/describe-canaries.md +++ b//cli/latest/reference/synthetics/describe-canaries.md @@ -15 +15 @@ - * [AWS CLI 2.35.19 Command Reference](../../index.html) » + * [AWS CLI 2.35.21 Command Reference](../../index.html) » @@ -1167,0 +1168,12 @@ Canaries -> (list) +>> +>> KmsKeyArn -> (string) +>> +>>> The Amazon Resource Name (ARN) of the customer-managed AWS Key Management Service (AWS KMS) key used to encrypt the canary’s AWS Lambda function environment variables at rest. If you don’t specify a value, the service uses an AWS-managed key. +>>> +>>> Constraints: +>>> +>>> * min: `1` +>>> * max: `2048` +>>> * pattern: `arn:(aws[a-zA-Z-]*)?:kms:[a-z]{2,4}(-[a-z]{2,4})?-[a-z]+-\d{1}:\d{12}:key/[\w\-\/]+` +>>> + @@ -1215 +1227 @@ NextToken -> (string) - * [AWS CLI 2.35.19 Command Reference](../../index.html) » + * [AWS CLI 2.35.21 Command Reference](../../index.html) »