AWS payment-cryptography low security documentation change
Summary
Removed AWS account ID from example KeyArn in CVV2 generation command and response
Security assessment
Sanitizing cryptographic key references in examples addresses potential security risks from accidental use of real account identifiers.
Diff
diff --git a/payment-cryptography/latest/userguide/generate-cvv2.md b/payment-cryptography/latest/userguide/generate-cvv2.md index 448c7fa63..be271aa92 100644 --- a//payment-cryptography/latest/userguide/generate-cvv2.md +++ b//payment-cryptography/latest/userguide/generate-cvv2.md @@ -10 +10 @@ In this example, we will generate a CVV2 for a given PAN with inputs of `[PAN](. - $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/tqv5yij6wtxx64pi --primary-account-number=171234567890123 --generation-attributes CardVerificationValue2={CardExpiryDate=0123} + $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/tqv5yij6wtxx64pi --primary-account-number=171234567890123 --generation-attributes CardVerificationValue2={CardExpiryDate=0123} @@ -15 +15 @@ In this example, we will generate a CVV2 for a given PAN with inputs of `[PAN](. - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/tqv5yij6wtxx64pi", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/tqv5yij6wtxx64pi",