AWS Security ChangesHomeSearch

AWS elasticloadbalancing documentation change

Service: elasticloadbalancing · 2025-02-26 · Documentation low

File: elasticloadbalancing/latest/application/listener-authenticate-users.md

Summary

Minor grammatical improvements to logout procedure documentation (article change and pluralization)

Security assessment

Changes are linguistic clarifications without security context or feature additions

Diff

diff --git a/elasticloadbalancing/latest/application/listener-authenticate-users.md
index 5ae5e4831..d8443ba69 100644
--- a/elasticloadbalancing/latest/application/listener-authenticate-users.md
+++ b/elasticloadbalancing/latest/application/listener-authenticate-users.md
@@ -438 +438 @@ For example, if a user loads the login page through the Application Load Balance
-When an application needs to log out an authenticated user, it should set the expiration time of the authentication session cookie to -1 and redirect the client to the IdP logout endpoint (if the IdP supports one). To prevent users from reusing a deleted cookie, we recommend that you configure as short an expiration time for the access token as is reasonable. If a client provides a load balancer with a session cookie that has an expired access token with a non-NULL refresh token, the load balancer contacts the IdP to determine whether the user is still logged in.
+When an application needs to log out an authenticated user, it should set the expiration time of the authentication session cookie to -1 and redirect the client to the IdP logout endpoint (if the IdP supports one). To prevent users from reusing a deleted cookie, we recommend that you configure as short an expiration time for the access token as is reasonable. If a client provides the load balancer with a session cookie that has an expired access token with a non-NULL refresh token, the load balancer contacts the IdP to determine whether the user is still logged in.
@@ -440 +440 @@ When an application needs to log out an authenticated user, it should set the ex
-The client logout landing page is an unauthenticated page. This means that it cannot be behind an Application Load Balancer rule that requires authentication.
+Client logout landing pages are unauthenticated. This means that they cannot be behind an Application Load Balancer rule that requires authentication.