AWS Security ChangesHomeSearch

AWS transform medium security documentation change

Service: transform · 2026-05-01 · Security-related medium

File: transform/latest/userguide/custom-workflows.md

Summary

Enhanced documentation for trust settings in custom workflows, adding 'alwaysPromptCommands' list and clarifying security guardrail behavior

Security assessment

The changes explicitly document security guardrails for command execution, including bypass conditions and dangerous command patterns (rm -rf, sudo). The addition of 'alwaysPromptCommands' directly addresses security risks by requiring explicit permission for high-risk operations, indicating security-focused enhancements to the trust model.

Diff

diff --git a/transform/latest/userguide/custom-workflows.md b/transform/latest/userguide/custom-workflows.md
index 1ba7378fe..2af483288 100644
--- a//transform/latest/userguide/custom-workflows.md
+++ b//transform/latest/userguide/custom-workflows.md
@@ -62 +62 @@ When executing transformations with `atx custom def exec`, the following flags a
-The `-t` or `--trust-all-tools` flag automatically approves all tool executions without prompting and bypasses all security guardrails. This is required for a fully autonomous experience but not required to execute the transformation. Use with caution in production environments.
+The `-t` or `--trust-all-tools` flag automatically approves all tool executions without prompting and bypasses most security guardrails, (commands matching your `alwaysPromptCommands` list still require explicit permission unless overridden by `trustedShellCommands`). Passing in `--non-interactive` and `--trust-all-tools` is required for a fully autonomous experience but not required to execute the transformation. Use with caution in production environments.
@@ -280 +280 @@ Disable automatic version checks and update notifications during command executi
-Trust settings allow you to pre-approve specific tools and commands to execute without prompts. These settings are configured in the `~/.aws/atx/trust-settings.yaml` file.
+Trust settings allow you to pre-approve specific tools and commands to execute without prompts. You can also require explicit permission for specific shell commands regardless of trust level. These settings are configured in the `~/.aws/atx/trust-settings.yaml` file.
@@ -282 +282 @@ Trust settings allow you to pre-approve specific tools and commands to execute w
-The file contains two lists:
+The file contains three lists:
@@ -287,0 +288,2 @@ The file contains two lists:
+  * `alwaysPromptCommands` \- Shell command patterns that require explicit permission unless overridden by `trustedShellCommands`, regardless of the `-t` flag or session trust. These patterns are not enforced in non-interactive mode (`-x`).
+
@@ -304 +306,9 @@ The file contains two lists:
-You can manually edit the trust-settings.yaml file to add or remove trusted tools and commands. The `trustedShellCommands` list supports wildcard patterns using `*` for flexible command matching.
+You can manually edit the trust-settings.yaml file to add or remove trusted tools and commands. Both `trustedShellCommands` and `alwaysPromptCommands` support glob wildcard patterns using `*`.
+
+###### Note
+
+If a command matches both lists, `trustedShellCommands` takes priority.
+
+The following describes each command list and provides examples:
+
+  * `trustedShellCommands` \- Commands matching these patterns execute without prompting, bypassing all other guardrails. Patterns are matched against the full command string.
@@ -311,0 +322,10 @@ Examples:
+  * `alwaysPromptCommands` \- Commands matching these patterns require explicit permission unless overridden by `trustedShellCommands`, regardless of the `-t` flag or session trust. These patterns are not enforced in non-interactive mode (`-x`). Patterns are matched against each sub-command in compound expressions (`&&`, `||`, command substitutions).
+
+Examples:
+
+    * `rm -rf *` \- Always prompts for recursive force-delete commands
+
+    * `sudo *` \- Always prompts for commands run with sudo
+
+    * `find * -exec *` \- Always prompts for find commands with -exec
+
@@ -329,0 +350,4 @@ Session-level trust settings are temporary and reset when the CLI restarts, prov
+###### Note
+
+Session trust is not available for commands matching your `alwaysPromptCommands` list.
+