AWS amazonq high security documentation change
Summary
Modified CLI example to include --no-verify-ssl flag and simplified parameters
Security assessment
Adding --no-verify-ssl flag in documentation example encourages insecure practice by disabling SSL certificate verification
Diff
diff --git a/amazonq/latest/qbusiness-ug/using-plugins.md b/amazonq/latest/qbusiness-ug/using-plugins.md index 37105a21e..582f2c867 100644 --- a/amazonq/latest/qbusiness-ug/using-plugins.md +++ b/amazonq/latest/qbusiness-ug/using-plugins.md @@ -60,4 +60,3 @@ API - aws qbusiness chat-sync --application-id '${application-id}' \ - --user-message "Create an issue in Jira for broken button in web application" \ - --clientToken '${user-oauth-token} ' \ - --chat-mode PLUGIN_MODE \ + aws qbusiness --no-verify-ssl --endpoint-url $endpoint \ + chat-sync --application-id application-id --user-id user-id \ + --user-message "Create an issue in Jira for broken button in web application" --chat-mode PLUGIN_MODE \ @@ -66 +65 @@ API - "pluginId":"${plugin-id}" + "pluginId":"plugin-id"