AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-03-30 · Documentation low

File: AmazonS3/latest/userguide/checking-object-integrity.md

Summary

Added checksum algorithm usage clarification for multipart/single uploads and corrected terminology from 'client servers' to 'clients'

Security assessment

Clarifies proper use of checksum algorithms for data integrity (a security feature), but does not address a specific security vulnerability

Diff

diff --git a/AmazonS3/latest/userguide/checking-object-integrity.md b/AmazonS3/latest/userguide/checking-object-integrity.md
index 9c039a172..a7d81da9f 100644
--- a/AmazonS3/latest/userguide/checking-object-integrity.md
+++ b/AmazonS3/latest/userguide/checking-object-integrity.md
@@ -92,0 +93,4 @@ Amazon S3 supports the following full object and composite checksum algorithm ty
+###### Note
+
+If you're using a `SHA-1` or `SHA-256` checksum algorithm for a multipart upload, you must use the composite algorithm type. If you're using a `SHA-1` or `SHA-256` checksum algorithm for a single part upload, only the full object algorithm type is supported.
+
@@ -455 +459 @@ If you're using S3 Object Lambda, all requests to S3 Object Lambda are signed us
-To make a chunked content encoding request, Amazon S3 requires client servers to include several headers to correctly parse the request. Client servers must include the following headers:
+To make a chunked content encoding request, Amazon S3 requires clients to include several headers to correctly parse the request. Clients must include the following headers: