AWS codepipeline documentation change
Summary
Updated 'AWS CloudFormation' to 'CloudFormation' in secret management guidance
Security assessment
Terminology update within existing security guidance. Maintains existing security recommendations without introducing new protections or addressing vulnerabilities.
Diff
diff --git a/codepipeline/latest/userguide/security-best-practices.md b/codepipeline/latest/userguide/security-best-practices.md index c31bfef3f..f8d5155db 100644 --- a//codepipeline/latest/userguide/security-best-practices.md +++ b//codepipeline/latest/userguide/security-best-practices.md @@ -16 +16 @@ You use encryption and authentication for the source repositories that connect t - * If you create a pipeline or action configuration that needs to include secrets, such as tokens or passwords, do not enter secrets directly in the action configuration, or default values of variables defined at pipeline level or AWS CloudFormation configuration, because the information will display in logs. Use Secrets Manager to set up and store secrets, and then use the referenced secret in the pipeline and action configuration, as described in [ Use AWS Secrets Manager to track database passwords or third-party API keys](./parameter-store-encryption.html). + * If you create a pipeline or action configuration that needs to include secrets, such as tokens or passwords, do not enter secrets directly in the action configuration, or default values of variables defined at pipeline level or CloudFormation configuration, because the information will display in logs. Use Secrets Manager to set up and store secrets, and then use the referenced secret in the pipeline and action configuration, as described in [ Use AWS Secrets Manager to track database passwords or third-party API keys](./parameter-store-encryption.html).