AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2025-07-13 · Documentation medium

File: AWSCloudFormation/latest/UserGuide/cfn-regexes.md

Summary

Added clarification about regex support limitations in CloudFormation intrinsic functions

Security assessment

Explicitly states regex limitations to prevent misconfigurations, helping users avoid potential template validation errors. While not fixing a specific security issue, it adds preventive security documentation by clarifying proper usage patterns.

Diff

diff --git a/AWSCloudFormation/latest/UserGuide/cfn-regexes.md b/AWSCloudFormation/latest/UserGuide/cfn-regexes.md
index 9dc4d2833..c1dff8f20 100644
--- a//AWSCloudFormation/latest/UserGuide/cfn-regexes.md
+++ b//AWSCloudFormation/latest/UserGuide/cfn-regexes.md
@@ -34,0 +35,4 @@ If you write your CloudFormation template in YAML syntax, you must surround the
+###### Note
+
+Regular expressions in CloudFormation are only supported for validation purposes in specific contexts like `AllowedPattern`. They are not supported as pattern matching operations in CloudFormation intrinsic functions, such as `Fn::Equals`, which perform exact string comparison only, not pattern matching.
+