AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2025-11-19 · Documentation low

File: AWSCloudFormation/latest/UserGuide/cross-service-confused-deputy-prevention.md

Summary

Replaced 'AWS CloudFormation' with 'CloudFormation' in security context about cross-service permissions

Security assessment

While the content relates to security (confused deputy prevention), the change only adjusts service name formatting. The actual security guidance about using SourceArn/SourceAccount remains unchanged.

Diff

diff --git a/AWSCloudFormation/latest/UserGuide/cross-service-confused-deputy-prevention.md b/AWSCloudFormation/latest/UserGuide/cross-service-confused-deputy-prevention.md
index b9d2d2007..450ea36df 100644
--- a//AWSCloudFormation/latest/UserGuide/cross-service-confused-deputy-prevention.md
+++ b//AWSCloudFormation/latest/UserGuide/cross-service-confused-deputy-prevention.md
@@ -11 +11 @@ The confused deputy problem is a security issue where an entity that doesn't hav
-We recommend using the [aws:SourceArn](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn) and [aws:SourceAccount](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount) global condition context keys in resource policies to limit the permissions that AWS CloudFormation gives another service to a specific resource, such as a CloudFormation extension. Use `aws:SourceArn` if you want only one resource to be associated with the cross-service access. Use `aws:SourceAccount` if you want to allow any resource in that account to be associated with the cross-service use.
+We recommend using the [aws:SourceArn](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn) and [aws:SourceAccount](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount) global condition context keys in resource policies to limit the permissions that CloudFormation gives another service to a specific resource, such as a CloudFormation extension. Use `aws:SourceArn` if you want only one resource to be associated with the cross-service access. Use `aws:SourceAccount` if you want to allow any resource in that account to be associated with the cross-service use.
@@ -70 +70 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-AWS CloudFormation service role
+CloudFormation service role