AWS Security ChangesHomeSearch

AWS opensearch-service documentation change

Service: opensearch-service · 2025-04-23 · Documentation low

File: opensearch-service/latest/developerguide/configure-client-source-security-lake.md

Summary

Updated SQS queue URL format, removed explicit sts_role_arn example, and adjusted blueprint documentation links

Security assessment

Changes involve URL formatting corrections (region syntax) and documentation link updates. No evidence of addressing security vulnerabilities or adding security features. Removal of sts_role_arn appears to be cleanup rather than security-related.

Diff

diff --git a/opensearch-service/latest/developerguide/configure-client-source-security-lake.md b/opensearch-service/latest/developerguide/configure-client-source-security-lake.md
index f31861034..385e37681 100644
--- a//opensearch-service/latest/developerguide/configure-client-source-security-lake.md
+++ b//opensearch-service/latest/developerguide/configure-client-source-security-lake.md
@@ -93 +93 @@ You must attach these permissions to the IAM role that you specify in the `sts_r
-          queue_url: "https://sqs.region.amazonaws.com/account-id/AmazonSecurityLake-abcde-Main-Queue"
+          queue_url: "https://sqs.us-east-1amazonaws.com/account-id/AmazonSecurityLake-abcde-Main-Queue"
@@ -96 +95,0 @@ You must attach these permissions to the IAM role that you specify in the `sts_r
-          **sts_role_arn: arn:aws:iam::account-id:role/pipeline-role**
@@ -105 +104 @@ You must attach these permissions to the IAM role that you specify in the `sts_r
-After you add the permissions to the pipeline role, use the preconfigured Security Lake blueprint to create the pipeline. For more information, see [Using blueprints to create a pipeline](./pipeline-blueprint.html).
+After you add the permissions to the pipeline role, use the preconfigured Security Lake blueprint to create the pipeline. For more information, see [Working with blueprints](./pipeline-blueprint.html).
@@ -107 +106 @@ After you add the permissions to the pipeline role, use the preconfigured Securi
-You must specify the `queue_url` option within the `s3` source configuration, which is the Amazon SQS queue URL to read from. To format the URL, locate the **Subscription endpoint** in the subscriber configuration and change `arn:aws:` to `https://`. For example, `https://sqs.`region`.amazonaws.com/`account-id`/AmazonSecurityLake-`abdcef`-Main-Queue`.
+You must specify the `queue_url` option within the `s3` source configuration, which is the Amazon SQS queue URL to read from. To format the URL, locate the **Subscription endpoint** in the subscriber configuration and change `arn:aws:` to `https://`. For example, `https://sqs.`us-east-1`amazonaws.com/`account-id`/AmazonSecurityLake-`abdcef`-Main-Queue`.