AWS payment-cryptography documentation change
Summary
Updated example AWS Key ARNs to remove account ID placeholder (replaced '111122223333' with empty segment '::')
Security assessment
The change standardizes example ARN formats but does not address a security vulnerability or weakness. Removing the account ID placeholder improves documentation clarity but does not inherently mitigate a security risk or introduce security features.
Diff
diff --git a/payment-cryptography/latest/userguide/use-cases-issuers.generalfunctions.icvv.md b/payment-cryptography/latest/userguide/use-cases-issuers.generalfunctions.icvv.md index 8657ad549..f643f5726 100644 --- a//payment-cryptography/latest/userguide/use-cases-issuers.generalfunctions.icvv.md +++ b//payment-cryptography/latest/userguide/use-cases-issuers.generalfunctions.icvv.md @@ -21 +21 @@ The response echoes back the request parameters, including an ARN for subsequent - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/c7dsi763r6s7lfp3", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/c7dsi763r6s7lfp3", @@ -49 +49 @@ The response echoes back the request parameters, including an ARN for subsequent -Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2:111122223333:key/c7dsi763r6s7lfp3_. You need that in the next step. +Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2::key/c7dsi763r6s7lfp3_. You need that in the next step. @@ -58 +58 @@ For all available parameters see [CardVerificationValue1](https://docs.aws.amazo - $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/c7dsi763r6s7lfp3 --primary-account-number=171234567890123 --generation-attributes CardVerificationValue1='{CardExpiryDate=1127,ServiceCode=999}' + $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/c7dsi763r6s7lfp3 --primary-account-number=171234567890123 --generation-attributes CardVerificationValue1='{CardExpiryDate=1127,ServiceCode=999}' @@ -63 +63 @@ For all available parameters see [CardVerificationValue1](https://docs.aws.amazo - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/c7dsi763r6s7lfp3", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/c7dsi763r6s7lfp3", @@ -80 +80 @@ iCVV is not a user entered value (like CVV2) but is typically embedded on an EMV - $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/c7dsi763r6s7lfp3 --primary-account-number=171234567890123 --verification-attributes CardVerificationValue1='{CardExpiryDate=1127,ServiceCode=999} --validation-data 532 + $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/c7dsi763r6s7lfp3 --primary-account-number=171234567890123 --verification-attributes CardVerificationValue1='{CardExpiryDate=1127,ServiceCode=999} --validation-data 532 @@ -85 +85 @@ iCVV is not a user entered value (like CVV2) but is typically embedded on an EMV - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/c7dsi763r6s7lfp3", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/c7dsi763r6s7lfp3",