AWS AWSCloudFormation documentation change
Summary
Replaced min/max length constraints with a pattern validation for KMS key identifiers.
Security assessment
The new pattern enforces valid KMS key formats (ARN, alias, or UUID), improving documentation for encryption key configuration. This enhances security awareness but doesn't address a specific vulnerability.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md b/AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md index 2ff5400bf..584772c3c 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-resource-appconfig-configurationprofile.md @@ -143,3 +143 @@ _Required_ : No - _Minimum_ : `1` - - _Maximum_ : `2048` + _Pattern_ : `^[\da-f]{8}-[\da-f]{4}-[\da-f]{4}-[\da-f]{4}-[\da-f]{12}|alias/[a-zA-Z0-9/_-]{1,250}|arn:aws[a-zA-Z-]*:kms:((eusc-)?[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1})?:(key/[0-9a-f-]{36}|alias/[a-zA-Z0-9/_-]{1,250})$`