AWS Security ChangesHomeSearch

AWS pinpoint medium security documentation change

Service: pinpoint · 2025-10-25 · Security-related medium

File: pinpoint/latest/developerguide/permissions-export-endpoints.md

Summary

Added JSON formatting markers and updated resource ARNs with specific region/account values in export endpoint permissions examples.

Security assessment

Concretized ARNs (e.g., us-east-1:111122223333) and added explicit SourceArn restrictions prevent ambiguous resource matching. This demonstrates principle of least privilege by showing exact resource formatting, reducing risk of over-permissive exports.

Diff

diff --git a/pinpoint/latest/developerguide/permissions-export-endpoints.md b/pinpoint/latest/developerguide/permissions-export-endpoints.md
index 55a299d12..b06718dd9 100644
--- a//pinpoint/latest/developerguide/permissions-export-endpoints.md
+++ b//pinpoint/latest/developerguide/permissions-export-endpoints.md
@@ -33,0 +34,6 @@ An IAM policy defines the permissions for an entity, such as an identity or reso
+JSON
+    
+
+****
+    
+    
@@ -127,0 +135,6 @@ Now that you've created an IAM policy, you can create a role and attach the poli
+JSON
+    
+
+****
+    
+    
@@ -142 +155 @@ Now that you've created an IAM policy, you can create a role and attach the poli
-                        "aws:SourceArn": "arn:aws:mobiletargeting:region:accountId:apps/applicationId"
+                    "aws:SourceArn": "arn:aws:mobiletargeting:us-east-1:111122223333:apps/applicationId"