AWS Security ChangesHomeSearch

AWS codepipeline documentation change

Service: codepipeline · 2025-08-19 · Documentation medium

File: codepipeline/latest/userguide/action-reference-CloudFormation.md

Summary

Modified IAM policy examples to use specific account ID (111122223333) and added JSON formatting sections.

Security assessment

Enhances security documentation by demonstrating proper resource ARN formatting with explicit account IDs, helping prevent policy errors. No direct security fix.

Diff

diff --git a/codepipeline/latest/userguide/action-reference-CloudFormation.md b/codepipeline/latest/userguide/action-reference-CloudFormation.md
index 697bc42d3..ff9ef53a2 100644
--- a//codepipeline/latest/userguide/action-reference-CloudFormation.md
+++ b//codepipeline/latest/userguide/action-reference-CloudFormation.md
@@ -270,0 +271,6 @@ When CodePipeline runs the action, the CodePipeline service role policy requires
+JSON
+    
+
+****
+    
+    
@@ -292 +298 @@ When CodePipeline runs the action, the CodePipeline service role policy requires
-            "arn:aws:cloudformation:*:{{customerAccountId}}:stack/[[cfnDeployStackNames]]/*"
+                    "arn:aws:cloudformation:*:111122223333:stack/[[cfnDeployStackNames]]/*"
@@ -310 +316 @@ When CodePipeline runs the action, the CodePipeline service role policy requires
-            "arn:aws:iam::{{customerAccountId}}:role/[[cfnExecutionRoles]]"
+                    "arn:aws:iam::111122223333:role/[[cfnExecutionRoles]]"