From 339aa82a06dc0fcc0f1463185ccec2d3504a79ae Mon Sep 17 00:00:00 2001
From: VaidSaraswat <41310238+VaidSaraswat@users.noreply.github.com>
Date: Thu, 19 Sep 2024 14:34:04 -0700
Subject: [PATCH] Update packages/aws-cdk-lib/aws-stepfunctions/README.md

---
 packages/aws-cdk-lib/aws-stepfunctions/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/aws-cdk-lib/aws-stepfunctions/README.md b/packages/aws-cdk-lib/aws-stepfunctions/README.md
index ebbf8edf640fe..6b818071af27f 100644
--- a/packages/aws-cdk-lib/aws-stepfunctions/README.md
+++ b/packages/aws-cdk-lib/aws-stepfunctions/README.md
@@ -994,7 +994,7 @@ const stateMachine = new sfn.StateMachine(this, 'StateMachineWithCMKEncryptionCo
 ```
 
 ### Encrypting state machine logs in Cloud Watch Logs
-If a state machine is encrypted with a customer managed key and has logging enabled, its decrypted execution history will be stored in CloudWatch Logs. To optionally encrypt the logs, you can encrypt the `LogGroup` used by the state machine with a KMS key.
+If a state machine is encrypted with a customer managed key and has logging enabled, its decrypted execution history will be stored in CloudWatch Logs. If you want to encrypt the logs from the state machine using your own KMS key, you can do so by configuring the `LogGroup` associated with the state machine to use a KMS key.
 ```ts
 import * as kms from 'aws-cdk-lib/aws-kms';
 import * as cdk from 'aws-cdk-lib';