AWS Security ChangesHomeSearch

AWS codebuild medium security documentation change

Service: codebuild · 2025-08-13 · Security-related medium

File: codebuild/latest/userguide/auth-and-access-control-using-tags.md

Summary

Fixed JSON syntax and replaced tag-based condition with region restriction in policy example

Security assessment

Changed from resource tag-based access control ('aws:ResourceTag/Status') to regional restriction ('aws:RequestedRegion'). This modifies access control logic but doesn't explicitly address a known vulnerability.

Diff

diff --git a/codebuild/latest/userguide/auth-and-access-control-using-tags.md b/codebuild/latest/userguide/auth-and-access-control-using-tags.md
index 624946372..d40d6a3c5 100644
--- a//codebuild/latest/userguide/auth-and-access-control-using-tags.md
+++ b//codebuild/latest/userguide/auth-and-access-control-using-tags.md
@@ -105 +105 @@ JSON
-            "codebuild:BatchGetReportGroups,"
+            "codebuild:BatchGetReportGroups",
@@ -111 +111 @@ JSON
-           ]
+          ],
@@ -114 +114,3 @@ JSON
-             "StringEquals" : "aws:ResourceTag/Status": "Secret"
+            "StringLike": {
+              "aws:RequestedRegion": "us-east-1"
+            }