AWS Security ChangesHomeSearch

AWS payment-cryptography documentation change

Service: payment-cryptography · 2025-08-01 · Documentation low

File: payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.visa.md

Summary

Updated example KeyArn values by removing AWS account ID from ARN strings

Security assessment

Similar to the Mastercard file, this removes placeholder account IDs from example ARNs. No indication of security remediation, only documentation formatting changes.

Diff

diff --git a/payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.visa.md b/payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.visa.md
index 3d8c9ac17..d208e613b 100644
--- a//payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.visa.md
+++ b//payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.visa.md
@@ -38 +38 @@ The response echoes back the request parameters, including an ARN for subsequent
-                                "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/pw3s6nl62t5ushfk",
+                                "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/pw3s6nl62t5ushfk",
@@ -66 +66 @@ The response echoes back the request parameters, including an ARN for subsequent
-Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2:111122223333:key/pw3s6nl62t5ushfk_. You need that in the next step.
+Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2::key/pw3s6nl62t5ushfk_. You need that in the next step.
@@ -76 +76 @@ If AWS Payment Cryptography is able to validate the ARQC, an http/200 is returne
-                  --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/pw3s6nl62t5ushfk \
+                  --key-identifier arn:aws:payment-cryptography:us-east-2::key/pw3s6nl62t5ushfk \
@@ -84 +84 @@ If AWS Payment Cryptography is able to validate the ARQC, an http/200 is returne
-                    "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/pw3s6nl62t5ushfk",
+                    "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/pw3s6nl62t5ushfk",
@@ -104 +104 @@ The response echoes back the request parameters, including an ARN for subsequent
-                            "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/dnaeyrjgdjjtw6dk",
+                            "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/dnaeyrjgdjjtw6dk",
@@ -132 +132 @@ The response echoes back the request parameters, including an ARN for subsequent
-Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2:111122223333:key/dnaeyrjgdjjtw6dk_. You need that in the next step.
+Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2::key/dnaeyrjgdjjtw6dk_. You need that in the next step.
@@ -141 +141 @@ For all available parameters see [CardVerificationValue1](https://docs.aws.amazo
-    $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/dnaeyrjgdjjtw6dk --primary-account-number=171234567890123 --generation-attributes CardVerificationValue1='{CardExpiryDate=9431,ServiceCode=431}'
+    $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/dnaeyrjgdjjtw6dk --primary-account-number=171234567890123 --generation-attributes CardVerificationValue1='{CardExpiryDate=9431,ServiceCode=431}'
@@ -146 +146 @@ For all available parameters see [CardVerificationValue1](https://docs.aws.amazo
-                              "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/dnaeyrjgdjjtw6dk",
+                              "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/dnaeyrjgdjjtw6dk",
@@ -163 +163 @@ CAVV is not a user entered value (like CVV2) but is calculated by the issuer ACS
-    $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/dnaeyrjgdjjtw6dk --primary-account-number=171234567890123 --verification-attributes CardVerificationValue1='{CardExpiryDate=9431,ServiceCode=431} --validation-data 491
+    $ aws payment-cryptography-data verify-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/dnaeyrjgdjjtw6dk --primary-account-number=171234567890123 --verification-attributes CardVerificationValue1='{CardExpiryDate=9431,ServiceCode=431} --validation-data 491
@@ -168 +168 @@ CAVV is not a user entered value (like CVV2) but is calculated by the issuer ACS
-                            "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/dnaeyrjgdjjtw6dk",
+                            "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/dnaeyrjgdjjtw6dk",