AWS Security ChangesHomeSearch

AWS AWSCloudFormation documentation change

Service: AWSCloudFormation · 2026-01-19 · Documentation low

File: AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md

Summary

Replaced min/max length constraints with a pattern validation for KMS key identifiers.

Security assessment

The new pattern enforces valid KMS key formats (ARN, alias, or UUID), improving documentation for encryption key configuration. This enhances security awareness but doesn't address a specific vulnerability.

Diff

diff --git a/AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md b/AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md
index 2ff5400bf..584772c3c 100644
--- a//AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md
+++ b//AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md
@@ -143,3 +143 @@ _Required_ : No
- _Minimum_ : `1`
-
- _Maximum_ : `2048`
+ _Pattern_ : `^[\da-f]{8}-[\da-f]{4}-[\da-f]{4}-[\da-f]{4}-[\da-f]{12}|alias/[a-zA-Z0-9/_-]{1,250}|arn:aws[a-zA-Z-]*:kms:((eusc-)?[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1})?:(key/[0-9a-f-]{36}|alias/[a-zA-Z0-9/_-]{1,250})$`