AWS dtconsole medium security documentation change
Summary
Added 'admin_mode' permission requirement for GitLab Personal Access Token (PAT)
Security assessment
The change enforces stricter permissions by requiring 'admin_mode' scope for PATs, which indicates a security-conscious adjustment to ensure proper access controls. This directly addresses potential privilege escalation risks from under-scoped tokens.
Diff
diff --git a/dtconsole/latest/userguide/connections-create-gitlab-managed.md b/dtconsole/latest/userguide/connections-create-gitlab-managed.md index 8ac321dbd..ab3651878 100644 --- a/dtconsole/latest/userguide/connections-create-gitlab-managed.md +++ b/dtconsole/latest/userguide/connections-create-gitlab-managed.md @@ -110 +110 @@ Wait for your host to reach a **Pending** status, and then complete the setup. F - 2. A **Set up`host_name`** page displays. In **Provide personal access token** , provide your GitLab PAT with the following scoped-down permission only: `api`. + 2. A **Set up`host_name`** page displays. In **Provide personal access token** , provide your GitLab PAT with the following scoped-down permissions only: `api` and `admin_mode`.