AWS Security ChangesHomeSearch

AWS rolesanywhere documentation change

Service: rolesanywhere · 2025-04-11 · Documentation low

File: rolesanywhere/latest/userguide/authentication-create-session.md

Summary

Added detailed parameter documentation for CreateSession API

Security assessment

Expands documentation for security-related API parameters but doesn't address vulnerabilities

Diff

diff --git a/rolesanywhere/latest/userguide/authentication-create-session.md b/rolesanywhere/latest/userguide/authentication-create-session.md
index b4b3ce1a9..fee9f2a6f 100644
--- a//rolesanywhere/latest/userguide/authentication-create-session.md
+++ b//rolesanywhere/latest/userguide/authentication-create-session.md
@@ -27 +27,28 @@ The CreateSession API returns temporary security credentials for workloads that
-The request does not use any URI parameters.
+The request accepts the following as URI parameters or as JSON in the request body. Our examples put these in the request body.
+
+`profileArn`
+    
+
+The Amazon Resource Name (ARN) of the profile.
+
+Type: String
+
+Required: Yes
+
+`roleArn`
+    
+
+The Amazon Resource Name (ARN) of the role to assume.
+
+Type: String
+
+Required: Yes
+
+`trustAnchorArn`
+    
+
+The Amazon Resource Name (ARN) of the trust anchor.
+
+Type: String
+
+Required: Yes