AWS Security ChangesHomeSearch

AWS opensearch-service medium security documentation change

Service: opensearch-service · 2025-03-19 · Security-related medium

File: opensearch-service/latest/ServerlessAPIReference/API_CreateIamIdentityCenterConfigOptions.md

Summary

Added regex anchors (^ and $) to IAM Identity Center instance ARN pattern validation

Security assessment

Stricter regex validation prevents potential ARN format bypasses, addressing configuration security risks

Diff

diff --git a/opensearch-service/latest/ServerlessAPIReference/API_CreateIamIdentityCenterConfigOptions.md b/opensearch-service/latest/ServerlessAPIReference/API_CreateIamIdentityCenterConfigOptions.md
index 4ff9f82ca..ddd203d56 100644
--- a/opensearch-service/latest/ServerlessAPIReference/API_CreateIamIdentityCenterConfigOptions.md
+++ b/opensearch-service/latest/ServerlessAPIReference/API_CreateIamIdentityCenterConfigOptions.md
@@ -22 +22 @@ Length Constraints: Minimum length of 10. Maximum length of 1224.
-Pattern: `arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}`
+Pattern: `^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$`