AWS amazonq documentation change
Summary
Added note about Salesforce connector enforcing role hierarchies for custom object access regardless of Salesforce settings
Security assessment
Documents access control behavior but does not address vulnerabilities or introduce new security features - describes existing limitations
Diff
diff --git a/amazonq/latest/qbusiness-ug/salesforce-connector.md index 64b87fdd2..f3bb5075f 100644 --- a/amazonq/latest/qbusiness-ug/salesforce-connector.md +++ b/amazonq/latest/qbusiness-ug/salesforce-connector.md @@ -64,0 +75,2 @@ The Salesforce Online connector has the following known limitations: + * The Salesforce Online connector respects hierarchies for custom object record access regardless of Salesforce settings, due to Salesforce API limitations. In other words, while Salesforce Online lets users disable Grant Access Using Hierarchies for custom objects, the role hierarchy will still apply for Amazon Q Business. +