AWS payment-cryptography documentation change
Summary
Updated example KeyARNs by removing account ID (111122223333) from ARN strings in documentation examples
Security assessment
The change replaces specific account IDs with empty segments (::) in example ARNs. This appears to be a documentation hygiene improvement to use placeholder values rather than exposing example account IDs, but does not address a specific security vulnerability or add security guidance. While removing account IDs from examples is a security best practice, there's no evidence this was fixing an active security issue.
Diff
diff --git a/payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.amex.md b/payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.amex.md index 79a9542b6..439248bb7 100644 --- a//payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.amex.md +++ b//payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.amex.md @@ -36 +36 @@ The response echoes back the request parameters, including an ARN for subsequent - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/esh6hn7pxdtttzgq", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/esh6hn7pxdtttzgq", @@ -64 +64 @@ The response echoes back the request parameters, including an ARN for subsequent -Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2:111122223333:key/esh6hn7pxdtttzgq_. You need that in the next step. +Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2::key/esh6hn7pxdtttzgq_. You need that in the next step. @@ -69 +69 @@ Take note of the `KeyArn` that represents the key, for example _arn:aws:payment- - $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/esh6hn7pxdtttzgq --primary-account-number=344131234567848 --generation-attributes AmexCardSecurityCodeVersion1='{CardExpiryDate=1224}' --validation-data-length 4 + $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/esh6hn7pxdtttzgq --primary-account-number=344131234567848 --generation-attributes AmexCardSecurityCodeVersion1='{CardExpiryDate=1224}' --validation-data-length 4 @@ -73 +73 @@ Take note of the `KeyArn` that represents the key, for example _arn:aws:payment- - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/esh6hn7pxdtttzgq", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/esh6hn7pxdtttzgq", @@ -85 +85 @@ If AWS Payment Cryptography is able to validate, an http/200 is returned. If the - $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/esh6hn7pxdtttzgq --primary-account-number=344131234567848 --verification-attributes AmexCardSecurityCodeVersion1='{CardExpiryDate=1224}'' --validation-data 3938 + $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/esh6hn7pxdtttzgq --primary-account-number=344131234567848 --verification-attributes AmexCardSecurityCodeVersion1='{CardExpiryDate=1224}'' --validation-data 3938 @@ -89 +89 @@ If AWS Payment Cryptography is able to validate, an http/200 is returned. If the - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/esh6hn7pxdtttzgq", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/esh6hn7pxdtttzgq", @@ -109 +109 @@ The response echoes back the request parameters, including an ARN for subsequent - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/erlm445qvunmvoda", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/erlm445qvunmvoda", @@ -137 +137 @@ The response echoes back the request parameters, including an ARN for subsequent -Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2:111122223333:key/erlm445qvunmvoda_. You need that in the next step. +Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2::key/erlm445qvunmvoda_. You need that in the next step. @@ -144 +144 @@ In this example, we will generate a CSC2 with a length of 4. CSC can be generate - $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/erlm445qvunmvoda --primary-account-number=344131234567848 --generation-attributes AmexCardSecurityCodeVersion2='{CardExpiryDate=1224,ServiceCode=999}' --validation-data-length 4 + $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/erlm445qvunmvoda --primary-account-number=344131234567848 --generation-attributes AmexCardSecurityCodeVersion2='{CardExpiryDate=1224,ServiceCode=999}' --validation-data-length 4 @@ -148 +148 @@ In this example, we will generate a CSC2 with a length of 4. CSC can be generate - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/erlm445qvunmvoda", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/erlm445qvunmvoda", @@ -160 +160 @@ If AWS Payment Cryptography is able to validate, an http/200 is returned. If the - $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/erlm445qvunmvoda --primary-account-number=344131234567848 --verification-attributes AmexCardSecurityCodeVersion2='{CardExpiryDate=1224,ServiceCode=999}' --validation-data 3982 + $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/erlm445qvunmvoda --primary-account-number=344131234567848 --verification-attributes AmexCardSecurityCodeVersion2='{CardExpiryDate=1224,ServiceCode=999}' --validation-data 3982 @@ -164 +164 @@ If AWS Payment Cryptography is able to validate, an http/200 is returned. If the - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/erlm445qvunmvoda", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/erlm445qvunmvoda", @@ -186 +186 @@ The response echoes back the request parameters, including an ARN for subsequent - "KeyArn": "arn:aws:payment-cryptography:us-east-1:111122223333:key/7vrybrbvjcvwtunv", + "KeyArn": "arn:aws:payment-cryptography:us-east-1::key/7vrybrbvjcvwtunv", @@ -214 +214 @@ The response echoes back the request parameters, including an ARN for subsequent -Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-1:111122223333:key/7vrybrbvjcvwtunv_. You need that in the next step. +Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-1::key/7vrybrbvjcvwtunv_. You need that in the next step. @@ -221 +221 @@ In this example, we will generate a iCSC with a length of 4, for a contactless c - $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-1:111122223333:key/7vrybrbvjcvwtunv --primary-account-number=344131234567848 --generation-attributes AmexCardSecurityCodeVersion2='{CardExpiryDate=1224,ServiceCode=702}' --validation-data-length 4 + $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-1::key/7vrybrbvjcvwtunv --primary-account-number=344131234567848 --generation-attributes AmexCardSecurityCodeVersion2='{CardExpiryDate=1224,ServiceCode=702}' --validation-data-length 4 @@ -225 +225 @@ In this example, we will generate a iCSC with a length of 4, for a contactless c - "KeyArn": arn:aws:payment-cryptography:us-east-1:111122223333:key/7vrybrbvjcvwtunv, + "KeyArn": arn:aws:payment-cryptography:us-east-1::key/7vrybrbvjcvwtunv, @@ -237 +237 @@ If AWS Payment Cryptography is able to validate, an http/200 is returned. If the - $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-1:111122223333:key/7vrybrbvjcvwtunv --primary-account-number=344131234567848 --verification-attributes AmexCardSecurityCodeVersion2='{CardExpiryDate=1224,ServiceCode=702}' --validation-data 2365 + $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-1::key/7vrybrbvjcvwtunv --primary-account-number=344131234567848 --verification-attributes AmexCardSecurityCodeVersion2='{CardExpiryDate=1224,ServiceCode=702}' --validation-data 2365 @@ -241 +241 @@ If AWS Payment Cryptography is able to validate, an http/200 is returned. If the - "KeyArn": arn:aws:payment-cryptography:us-east-1:111122223333:key/7vrybrbvjcvwtunv, + "KeyArn": arn:aws:payment-cryptography:us-east-1::key/7vrybrbvjcvwtunv,