AWS amazonq documentation change
Summary
Expanded X.509 certificate requirements including generation, S3 storage, and IAM permission guidance
Security assessment
Adds documentation about secure certificate management and IAM permissions for authentication, which are security-related features. No indication of patching a vulnerability.
Diff
diff --git a/amazonq/latest/qbusiness-ug/sharepoint-cloud-prereqs.md b/amazonq/latest/qbusiness-ug/sharepoint-cloud-prereqs.md index 7fabe26f9..d682ade17 100644 --- a/amazonq/latest/qbusiness-ug/sharepoint-cloud-prereqs.md +++ b/amazonq/latest/qbusiness-ug/sharepoint-cloud-prereqs.md @@ -145 +145,3 @@ For a list of things to consider while configuring your data source, see [ Data - * Noted the file path to a X.509 certificate you have created and stored in an Amazon S3 bucket. For more information on how to do this, see [Granting access via Azure AD App-Only](https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread) and [New-PnPAzureCertificate](https://pnp.github.io/powershell/cmdlets/New-PnPAzureCertificate.html) in _Microsoft developer documentation_ + * Generated an X.509 certificate. For more information on how to create and configure an X.509 certificate, see [Granting access via Azure AD App-Only](https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread) and [New-PnPAzureCertificate](https://pnp.github.io/powershell/cmdlets/New-PnPAzureCertificate.html) in _Microsoft developer documentation_. + + * After generating the X.509 certificate, upload your .CRT file (the public certificate) to an Amazon S3 bucket. Note the file path to a X.509 certificate you have created and stored in an Amazon S3 bucket. (Ex. `s3://bucket-name/path/to/certificate.crt`). Ensure that your Amazon Q Business IAM role has permissions to read from this Amazon S3 bucket.