AWS AWSCloudFormation documentation change
Summary
Added 'Type' property to environment variable configuration with options 'PLAINTEXT' and 'SECRETS_MANAGER'
Security assessment
Introduces documentation for securely handling secrets via AWS Secrets Manager instead of plaintext. This directly addresses secure credential management but does not indicate a specific prior security issue.
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-environmentvariable.md b/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-environmentvariable.md index a35a33890..12f7e77e8 100644 --- a//AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-environmentvariable.md +++ b//AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-environmentvariable.md @@ -17,0 +18 @@ To declare this entity in your AWS CloudFormation template, use the following sy + "Type" : String, @@ -25,0 +27 @@ To declare this entity in your AWS CloudFormation template, use the following sy + Type: String @@ -47,0 +50,13 @@ _Minimum_ : `1` +`Type` + + +Specifies the type of use for the environment variable value. The value can be either `PLAINTEXT` or `SECRETS_MANAGER`. If the value is `SECRETS_MANAGER`, provide the Secrets reference in the EnvironmentVariable value. + +_Required_ : No + + _Type_ : String + + _Allowed values_ : `PLAINTEXT | SECRETS_MANAGER` + + _Update requires_ : [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) +