AWS Security ChangesHomeSearch

AWS codeguru high security documentation change

Service: codeguru · 2025-06-13 · Security-related high

File: codeguru/latest/security-api/API_EncryptionConfig.md

Summary

Modified KMS key ARN regex pattern by removing end anchor

Security assessment

Removal of $ anchor in KMS ARN pattern (from '...$' to '...') could allow invalid ARN formats, potentially leading to encryption misconfigurations.

Diff

diff --git a/codeguru/latest/security-api/API_EncryptionConfig.md b/codeguru/latest/security-api/API_EncryptionConfig.md
index 1ff2eb8a6..b08baf98d 100644
--- a//codeguru/latest/security-api/API_EncryptionConfig.md
+++ b//codeguru/latest/security-api/API_EncryptionConfig.md
@@ -22 +22 @@ Length Constraints: Minimum length of 1. Maximum length of 2048.
-Pattern: `^arn:aws:kms:[\S]+:[\d]{12}:key\/(([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})|(mrk-[0-9a-zA-Z]{32}))$`
+Pattern: `arn:aws:kms:[\S]+:[\d]{12}:key\/(([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})|(mrk-[0-9a-zA-Z]{32}))`