AWS rolesanywhere documentation change
Summary
Clarified authentication mechanism documentation
Security assessment
Improves explanation of security feature (certificate-based authentication) without addressing vulnerabilities
Diff
diff --git a/rolesanywhere/latest/userguide/authentication.md b/rolesanywhere/latest/userguide/authentication.md index e190eaa87..1077d8f9a 100644 --- a//rolesanywhere/latest/userguide/authentication.md +++ b//rolesanywhere/latest/userguide/authentication.md @@ -7 +7 @@ -To provide credentials, AWS Identity and Access Management Roles Anywhere uses the [IAM Roles Anywhere CreateSession API](./authentication-create-session.html). The API authenticates requests with a signature using keys associated with the X.509 certificate, which was used for authentication. The API method of IAM Roles Anywhere, `[](./authentication-create-session.html)` acts like `AssumeRole` – exchanging the signature for a standard SigV4-compatible session credential. +To provide credentials, AWS Identity and Access Management Roles Anywhere uses the [IAM Roles Anywhere CreateSession API](./authentication-create-session.html). The API authenticates requests with a signature using keys associated with the X.509 certificate, which was used for authentication. It acts like `AssumeRole` – exchanging the signature for a standard SigV4-compatible session credential.