AWS opensearch-service medium security documentation change
Summary
Updated regex patterns for IAM Identity Center application and instance ARNs with start/end anchors
Security assessment
Tightened ARN validation patterns to prevent invalid inputs, mitigating potential misconfiguration vulnerabilities
Diff
diff --git a/opensearch-service/latest/ServerlessAPIReference/API_IamIdentityCenterConfigOptions.md b/opensearch-service/latest/ServerlessAPIReference/API_IamIdentityCenterConfigOptions.md index 9e1032bec..739cef83b 100644 --- a/opensearch-service/latest/ServerlessAPIReference/API_IamIdentityCenterConfigOptions.md +++ b/opensearch-service/latest/ServerlessAPIReference/API_IamIdentityCenterConfigOptions.md @@ -22 +22 @@ Length Constraints: Minimum length of 10. Maximum length of 1224. -Pattern: `arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso::\d{12}:application/(sso)?ins-[a-zA-Z0-9-.]{16}/apl-[a-zA-Z0-9]{16}` +Pattern: `^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso::\d{12}:application/(sso)?ins-[a-zA-Z0-9-.]{16}/apl-[a-zA-Z0-9]{16}$` @@ -64 +64 @@ Length Constraints: Minimum length of 10. Maximum length of 1224. -Pattern: `arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}` +Pattern: `^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$`