AWS codeguru high security documentation change
Summary
Modified KMS key ARN regex pattern by removing end anchor
Security assessment
Removal of $ anchor in KMS ARN pattern (from '...$' to '...') could allow invalid ARN formats, potentially leading to encryption misconfigurations.
Diff
diff --git a/codeguru/latest/security-api/API_EncryptionConfig.md b/codeguru/latest/security-api/API_EncryptionConfig.md index 1ff2eb8a6..b08baf98d 100644 --- a//codeguru/latest/security-api/API_EncryptionConfig.md +++ b//codeguru/latest/security-api/API_EncryptionConfig.md @@ -22 +22 @@ Length Constraints: Minimum length of 1. Maximum length of 2048. -Pattern: `^arn:aws:kms:[\S]+:[\d]{12}:key\/(([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})|(mrk-[0-9a-zA-Z]{32}))$` +Pattern: `arn:aws:kms:[\S]+:[\d]{12}:key\/(([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})|(mrk-[0-9a-zA-Z]{32}))`