AWS codepipeline documentation change
Summary
Updated IAM policy example with specific account ID (111122223333) and added JSON formatting sections.
Security assessment
Improves security documentation by showing correct ARN patterns with explicit account IDs, reducing potential for insecure wildcard use. Not a vulnerability fix.
Diff
diff --git a/codepipeline/latest/userguide/action-reference-CodeCommit.md b/codepipeline/latest/userguide/action-reference-CodeCommit.md index ba472374b..36aa5b880 100644 --- a//codepipeline/latest/userguide/action-reference-CodeCommit.md +++ b//codepipeline/latest/userguide/action-reference-CodeCommit.md @@ -174,0 +175,6 @@ When CodePipeline runs the action, the CodePipeline service role policy requires +JSON + + +**** + + @@ -190 +196 @@ When CodePipeline runs the action, the CodePipeline service role policy requires - "arn:aws:codecommit:*:{{customerAccountId}}:[[codecommitRepostories]]" + "arn:aws:codecommit:*:111122223333:[[codecommitRepostories]]"