AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2025-11-04 · Documentation low

File: AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-permission.md

Summary

Clarified wording for the 'FunctionUrlAuthType' condition to use 'When specified' instead of 'When set to `true`'.

Security assessment

The change clarifies access control behavior for Lambda function URLs but does not indicate a security vulnerability fix.

Diff

diff --git a/AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-permission.md b/AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-permission.md
index 2b4e70dc7..e52233910 100644
--- a//AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-permission.md
+++ b//AWSCloudFormation/latest/TemplateReference/aws-resource-lambda-permission.md
@@ -138 +138 @@ _Required_ : No
-Restricts the `lambda:InvokeFunction` action to function URL calls. When set to `true`, this prevents the principal from invoking the function by any means other than the function URL. For more information, see [Control access to Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+Restricts the `lambda:InvokeFunction` action to function URL calls. When specified, this option prevents the principal from invoking the function by any means other than the function URL. For more information, see [Control access to Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).