AWS cli documentation change
Summary
Added documentation for KmsKeyArn field describing customer-managed KMS key encryption for canary environment variables
Security assessment
Introduces documentation for encryption of environment variables at rest using KMS, a security feature improvement without evidence of vulnerability remediation
Diff
diff --git a/cli/latest/reference/synthetics/get-canary.md b/cli/latest/reference/synthetics/get-canary.md index 2b9811190..e76ab2d30 100644 --- a//cli/latest/reference/synthetics/get-canary.md +++ b//cli/latest/reference/synthetics/get-canary.md @@ -15 +15 @@ - * [AWS CLI 2.35.19 Command Reference](../../index.html) » + * [AWS CLI 2.35.21 Command Reference](../../index.html) » @@ -1126,0 +1127,12 @@ Canary -> (structure) +> +> KmsKeyArn -> (string) +> +>> The Amazon Resource Name (ARN) of the customer-managed AWS Key Management Service (AWS KMS) key used to encrypt the canary’s AWS Lambda function environment variables at rest. If you don’t specify a value, the service uses an AWS-managed key. +>> +>> Constraints: +>> +>> * min: `1` +>> * max: `2048` +>> * pattern: `arn:(aws[a-zA-Z-]*)?:kms:[a-z]{2,4}(-[a-z]{2,4})?-[a-z]+-\d{1}:\d{12}:key/[\w\-\/]+` +>> + @@ -1163 +1175 @@ Canary -> (structure) - * [AWS CLI 2.35.19 Command Reference](../../index.html) » + * [AWS CLI 2.35.21 Command Reference](../../index.html) »