AWS Security ChangesHomeSearch

AWS code-library documentation change

Service: code-library · 2025-04-11 · Documentation low

File: code-library/latest/ug/java_2_kms_code_examples.md

Summary

Removed explicit EnvironmentVariableCredentialsProvider configuration from KMS client initialization

Security assessment

The change removes an explicit credentials provider declaration but doesn't address a security vulnerability. AWS SDKs automatically use the default credential chain (including environment variables) when no provider is specified. This appears to be a code example simplification rather than a security-related fix.

Diff

diff --git a/code-library/latest/ug/java_2_kms_code_examples.md b/code-library/latest/ug/java_2_kms_code_examples.md
index da16dce34..fe433ea20 100644
--- a//code-library/latest/ug/java_2_kms_code_examples.md
+++ b//code-library/latest/ug/java_2_kms_code_examples.md
@@ -789 +788,0 @@ Define a class that wraps KMS actions.
-                    .credentialsProvider(EnvironmentVariableCredentialsProvider.create())