AWS Security ChangesHomeSearch

AWS amazonq medium security documentation change

Service: amazonq · 2025-03-19 · Security-related medium

File: amazonq/latest/qbusiness-ug/servicenow-actions.md

Summary

Simplified OAuth scope requirements from multiple scopes (read, write, useraccount) to only useraccount scope

Security assessment

Reducing required OAuth scopes to a single scope (useraccount) implements principle of least privilege, which is a security improvement

Diff

diff --git a/amazonq/latest/qbusiness-ug/servicenow-actions.md b/amazonq/latest/qbusiness-ug/servicenow-actions.md
index 59fffeb62..516643a13 100644
--- a/amazonq/latest/qbusiness-ug/servicenow-actions.md
+++ b/amazonq/latest/qbusiness-ug/servicenow-actions.md
@@ -51,11 +51 @@ Before you configure your Amazon Q ServiceNow plugin, you must do the following:
-  * Make sure the OAuth plugin is active and the OAuth activation property is set to true. Required scopes:
-
-    * `read`
-
-    * `write`
-
-    * `useraccount`
-
-###### Note
-
-We recommend choosing Classic OAuth Scopes.
+  * Make sure the OAuth plugin is active and the OAuth activation property is set to true. Required scopes: `useraccount`.