AWS Security ChangesHomeSearch

AWS batch medium security documentation change

Service: batch · 2025-08-10 · Security-related medium

File: batch/latest/userguide/specifying-sensitive-data-parameters.md

Summary

Replaced placeholder account/region values with specific examples in SSM/SecretsManager/KMS ARNs

Security assessment

Hardcoding account IDs (999999999999) and regions in resource ARNs creates a risk of credential leakage or unintended resource access if users copy examples verbatim.

Diff

diff --git a/batch/latest/userguide/specifying-sensitive-data-parameters.md b/batch/latest/userguide/specifying-sensitive-data-parameters.md
index 1c1720d17..7b20f33a2 100644
--- a//batch/latest/userguide/specifying-sensitive-data-parameters.md
+++ b//batch/latest/userguide/specifying-sensitive-data-parameters.md
@@ -72,3 +72,3 @@ JSON
-                    "arn:aws:ssm:<region>:<aws_account_id>:parameter/<parameter_name>",
-                    "arn:aws:secretsmanager:<region>:<aws_account_id>:secret:<secret_name>",
-                    "arn:aws:kms:<region>:<aws_account_id>:key/<key_id>"
+                    "arn:aws:ssm:us-east-2:999999999999:parameter/<parameter_name>",
+                    "arn:aws:secretsmanager:us-east-2:999999999999:secret:<secret_name>",
+                    "arn:aws:kms:us-east-2:999999999999:key/<key_id>"