AWS Security ChangesHomeSearch

AWS amazonq documentation change

Service: amazonq · 2025-03-30 · Documentation medium

File: amazonq/latest/qdeveloper-ug/q-admin-profile-sharing.md

Summary

Clarified profile sharing behavior and added operational details for cross-account management

Security assessment

Explains centralized profile enforcement as a security feature but does not address a specific vulnerability. Enhances documentation of security controls.

Diff

diff --git a/amazonq/latest/qdeveloper-ug/q-admin-profile-sharing.md b/amazonq/latest/qdeveloper-ug/q-admin-profile-sharing.md
index f45c9d0cd..1853c4704 100644
--- a/amazonq/latest/qdeveloper-ug/q-admin-profile-sharing.md
+++ b/amazonq/latest/qdeveloper-ug/q-admin-profile-sharing.md
@@ -9 +9 @@ If you are a management account administrator within an organization managed by
-  * Amazon Q will share the Amazon Q Developer managed application and settings profile created in the management account with member accounts in the same organization. The settings profile in the management account will override any settings profiles that might be configured in member accounts. 
+  * Amazon Q will share the Amazon Q Developer managed application and Amazon Q Developer profile created in the management account with member accounts in the same organization. The Amazon Q Developer profile in the management account will override any Amazon Q Developer profiles that might be configured in member accounts, ensuring consistency across accounts. Typically, a management account administrator would install the Amazon Q Developer profile (without subscribing any users) in the management account, and would also enable profile sharing. Then, member account administrators would subscribe users in their member accounts. Those subscribers would be associated with the Amazon Q Developer profile in the management account.