AWS amazonq medium security documentation change
Summary
Simplified OAuth scope requirements from multiple scopes (read, write, useraccount) to only useraccount scope
Security assessment
Reducing required OAuth scopes to a single scope (useraccount) implements principle of least privilege, which is a security improvement
Diff
diff --git a/amazonq/latest/qbusiness-ug/servicenow-actions.md b/amazonq/latest/qbusiness-ug/servicenow-actions.md index 59fffeb62..516643a13 100644 --- a/amazonq/latest/qbusiness-ug/servicenow-actions.md +++ b/amazonq/latest/qbusiness-ug/servicenow-actions.md @@ -51,11 +51 @@ Before you configure your Amazon Q ServiceNow plugin, you must do the following: - * Make sure the OAuth plugin is active and the OAuth activation property is set to true. Required scopes: - - * `read` - - * `write` - - * `useraccount` - -###### Note - -We recommend choosing Classic OAuth Scopes. + * Make sure the OAuth plugin is active and the OAuth activation property is set to true. Required scopes: `useraccount`.