AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2025-03-30 · Documentation medium

File: AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.md

Summary

Added ComputeRoleArn documentation for SSR app security permissions

Security assessment

Documents IAM role configuration for secure access control but doesn't address a specific vulnerability

Diff

diff --git a/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.md b/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.md
index 2c4c1323d..aadd17b19 100644
--- a/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.md
+++ b/AWSCloudFormation/latest/UserGuide/aws-resource-amplify-app.md
@@ -23,0 +24 @@ To declare this entity in your AWS CloudFormation template, use the following sy
+          "ComputeRoleArn" : String,
@@ -51,0 +53 @@ To declare this entity in your AWS CloudFormation template, use the following sy
+      ComputeRoleArn: String
@@ -144,0 +147,17 @@ _Required_ : No
+`ComputeRoleArn`
+    
+
+The Amazon Resource Name (ARN) of the IAM role for an SSR app. The Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the _Amplify User Guide_.
+
+_Required_ : No
+
+ _Type_ : String
+
+ _Pattern_ : `(?s).*`
+
+_Minimum_ : `0`
+
+ _Maximum_ : `1000`
+
+ _Update requires_ : [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
+