AWS Security ChangesHomeSearch

AWS sdk-for-kotlin documentation change

Service: sdk-for-kotlin · 2025-02-26 · Documentation low

File: sdk-for-kotlin/latest/developer-guide/use-services-s3-mrap.md

Summary

Updated SigV4a signing documentation: dependency changed from 'aws-signing-crt' to 'aws-signing-default', with clarifications

Security assessment

Documents configuration for SigV4a signing (a security feature), but no evidence of addressing a specific vulnerability.

Diff

diff --git a/sdk-for-kotlin/latest/developer-guide/use-services-s3-mrap.md
index 4015c95b5..cde869644 100644
--- a/sdk-for-kotlin/latest/developer-guide/use-services-s3-mrap.md
+++ b/sdk-for-kotlin/latest/developer-guide/use-services-s3-mrap.md
@@ -166 +166 @@ You use the [S3 client](https://sdk.amazonaws.com/kotlin/api/latest/s3/aws.sdk.k
-Operations with Multi-Region Access Points are signed with the Asymmetric Sigv4 (Sigv4a) signing algorithm. Support for Sigv4a in the AWS SDK for Kotlin currently requires signing with the CRT signer which is a separate dependency. To configure support for Sigv4a, add the following dependencies to your project. (You can navigate to the `X.Y.Z` link to see the latest version available.)
+Operations with Multi-Region Access Points are signed with the Asymmetric SigV4 (SigV4a) signing algorithm. To configure SigV4a, first add the following dependencies to your project. (You can navigate to the `X.Y.Z` link to see the latest version available.)
@@ -173 +173 @@ Operations with Multi-Region Access Points are signed with the Asymmetric Sigv4
-    implementation("aws.smithy.kotlin:aws-signing-crt")
+    implementation("aws.smithy.kotlin:aws-signing-default")
@@ -178 +178 @@ Operations with Multi-Region Access Points are signed with the Asymmetric Sigv4
-After you add the dependencies, configure the S3 client to use the Sigv4a signing algorithm as shown in the following code.
+After you add the dependencies, configure the S3 client to use the SigV4a signing algorithm as shown in the following code.