AWS quicksight documentation change
Summary
Clarified that RegisterUser API generates a registration URL without sending emails, requiring manual URL access.
Security assessment
Documentation now explicitly states that no registration emails are sent via API, which clarifies security expectations for user provisioning. While not addressing a specific vulnerability, it adds transparency about a security-related process.
Diff
diff --git a/quicksight/latest/developerguide/register-user.md b/quicksight/latest/developerguide/register-user.md index b882eeea8..5d9371493 100644 --- a//quicksight/latest/developerguide/register-user.md +++ b//quicksight/latest/developerguide/register-user.md @@ -7 +7 @@ -Use the `RegisterUser` operation to create an Amazon QuickSight user whose identity is associated with the IAM identity or role specified in the request. +Use the `RegisterUser` operation to create an Amazon QuickSight user whose identity is associated with the IAM identity or role specified in the request. When you register a new user from the Amazon QuickSight API, Amazon QuickSight generates a registration URL. The user accesses this registration URL to create their account. Amazon QuickSight does not send a registration email to users who are registered from the Amazon QuickSight API.