AWS amazonq medium security documentation change
Summary
Removed environment variable substitution details and sensitive information handling recommendation
Security assessment
Removal of guidance about storing sensitive information in environment variables rather than hardcoding could impact security practices. However, no explicit vulnerability is mentioned.
Diff
diff --git a/amazonq/latest/qdeveloper-ug/command-line-mcp-configuration.md b/amazonq/latest/qdeveloper-ug/command-line-mcp-configuration.md index dbf142b1c..332ca79d0 100644 --- a//amazonq/latest/qdeveloper-ug/command-line-mcp-configuration.md +++ b//amazonq/latest/qdeveloper-ug/command-line-mcp-configuration.md @@ -28,2 +27,0 @@ Both files are optional; neither, one, or both can exist. If both files exist, A -Amazon Q Developer CLI watches these configuration files and automatically reloads the MCP configuration whenever you make changes to either file. - @@ -70,9 +67,0 @@ If the "command" property is present in an entry, this MCP server uses stdio tra -Environment variable substitution: - - * `${env:VAR_NAME}`: Substitutes the value of the environment variable VAR_NAME - - * `${file:/path/to/file}`: Substitutes the contents of the specified file - - - - @@ -146,2 +134,0 @@ Example with multiple MCP servers and environment variables: - * Store sensitive information like API keys as environment variables rather than hardcoding them in the configuration file. -