AWS Security ChangesHomeSearch

AWS rolesanywhere documentation change

Service: rolesanywhere · 2025-04-11 · Documentation low

File: rolesanywhere/latest/userguide/authentication.md

Summary

Clarified authentication mechanism documentation

Security assessment

Improves explanation of security feature (certificate-based authentication) without addressing vulnerabilities

Diff

diff --git a/rolesanywhere/latest/userguide/authentication.md b/rolesanywhere/latest/userguide/authentication.md
index e190eaa87..1077d8f9a 100644
--- a//rolesanywhere/latest/userguide/authentication.md
+++ b//rolesanywhere/latest/userguide/authentication.md
@@ -7 +7 @@
-To provide credentials, AWS Identity and Access Management Roles Anywhere uses the [IAM Roles Anywhere CreateSession API](./authentication-create-session.html). The API authenticates requests with a signature using keys associated with the X.509 certificate, which was used for authentication. The API method of IAM Roles Anywhere, `[](./authentication-create-session.html)` acts like `AssumeRole` – exchanging the signature for a standard SigV4-compatible session credential.
+To provide credentials, AWS Identity and Access Management Roles Anywhere uses the [IAM Roles Anywhere CreateSession API](./authentication-create-session.html). The API authenticates requests with a signature using keys associated with the X.509 certificate, which was used for authentication. It acts like `AssumeRole` – exchanging the signature for a standard SigV4-compatible session credential.