AWS Security ChangesHomeSearch

AWS amazonq high security documentation change

Service: amazonq · 2025-03-19 · Security-related high

File: amazonq/latest/qbusiness-ug/using-plugins.md

Summary

Modified CLI example to include --no-verify-ssl flag and simplified parameters

Security assessment

Adding --no-verify-ssl flag in documentation example encourages insecure practice by disabling SSL certificate verification

Diff

diff --git a/amazonq/latest/qbusiness-ug/using-plugins.md b/amazonq/latest/qbusiness-ug/using-plugins.md
index 37105a21e..582f2c867 100644
--- a/amazonq/latest/qbusiness-ug/using-plugins.md
+++ b/amazonq/latest/qbusiness-ug/using-plugins.md
@@ -60,4 +60,3 @@ API
-    aws qbusiness chat-sync --application-id '${application-id}' \
-    --user-message "Create an issue in Jira for broken button in web application" \
-    --clientToken '${user-oauth-token} ' \
-    --chat-mode PLUGIN_MODE \
+    aws qbusiness --no-verify-ssl --endpoint-url $endpoint \
+    chat-sync --application-id application-id --user-id user-id \
+    --user-message "Create an issue in Jira for broken button in web application" --chat-mode PLUGIN_MODE \
@@ -66 +65 @@ API
-            "pluginId":"${plugin-id}"
+    		"pluginId":"plugin-id"