AWS Security ChangesHomeSearch

AWS codepipeline documentation change

Service: codepipeline · 2025-08-19 · Documentation medium

File: codepipeline/latest/userguide/action-reference-ECS.md

Summary

Updated IAM policy examples with specific account ID (111122223333) and improved JSON formatting.

Security assessment

Enhances security documentation by demonstrating proper ECS task definition permissions with explicit account IDs. No security flaw addressed.

Diff

diff --git a/codepipeline/latest/userguide/action-reference-ECS.md b/codepipeline/latest/userguide/action-reference-ECS.md
index 1b3d86e6f..153db8cfb 100644
--- a//codepipeline/latest/userguide/action-reference-ECS.md
+++ b//codepipeline/latest/userguide/action-reference-ECS.md
@@ -109,0 +110,6 @@ For Amazon ECS, the following are the minimum permissions needed to create pipel
+JSON
+    
+
+****
+    
+    
@@ -114 +120,2 @@ For Amazon ECS, the following are the minimum permissions needed to create pipel
-        { "Sid": "TaskDefinitionPermissions",
+            {
+                "Sid": "TaskDefinitionPermissions",
@@ -124 +131,2 @@ For Amazon ECS, the following are the minimum permissions needed to create pipel
-        { "Sid": "ECSServicePermissions",
+            {
+                "Sid": "ECSServicePermissions",
@@ -131 +139 @@ For Amazon ECS, the following are the minimum permissions needed to create pipel
-            "arn:aws:ecs:*:{{customerAccountId}}:service/[[clusters]]/*"
+                    "arn:aws:ecs:*:111122223333:service/[[clusters]]/*"
@@ -134 +142,2 @@ For Amazon ECS, the following are the minimum permissions needed to create pipel
-        { "Sid": "ECSTagResource",
+            {
+                "Sid": "ECSTagResource",
@@ -140 +149 @@ For Amazon ECS, the following are the minimum permissions needed to create pipel
-            "arn:aws:ecs:*:{{customerAccountId}}:task-definition/[[taskDefinitions]]:*"
+                    "arn:aws:ecs:*:111122223333:task-definition/[[taskDefinitions]]:*"
@@ -150 +159,2 @@ For Amazon ECS, the following are the minimum permissions needed to create pipel
-        { "Sid": "IamPassRolePermissions",
+            {
+                "Sid": "IamPassRolePermissions",
@@ -154 +164 @@ For Amazon ECS, the following are the minimum permissions needed to create pipel
-            "arn:aws:iam::{{customerAccountId}}:role/[[passRoles]]"
+                    "arn:aws:iam::111122223333:role/[[passRoles]]"