AWS Security ChangesHomeSearch

AWS amazonq documentation change

Service: amazonq · 2025-05-01 · Documentation low

File: amazonq/latest/qdeveloper-ug/security_iam_permissions.md

Summary

Added new IAM permissions for third-party application integration (CreateAuthGrant, CreateOAuthAppConnection, UpdateAuthGrant, UpdateOAuthAppConnection, SentEvent)

Security assessment

Documents new permissions related to OAuth app management and third-party integrations, which are security controls but does not indicate remediation of a specific vulnerability. Enhances security documentation without addressing a known issue.

Diff

diff --git a/amazonq/latest/qdeveloper-ug/security_iam_permissions.md b/amazonq/latest/qdeveloper-ug/security_iam_permissions.md
index ced6e7852..8ee77b057 100644
--- a//amazonq/latest/qdeveloper-ug/security_iam_permissions.md
+++ b//amazonq/latest/qdeveloper-ug/security_iam_permissions.md
@@ -92,0 +93,2 @@ Administrator permissions
+`q:CreateAuthGrant` |  Register a third-party application user with Amazon Q |  No  
+`q:CreateOAuthAppConnection` |  Register a third-party OAuth application with Amazon Q |  No  
@@ -100,0 +103 @@ Administrator permissions
+`q:SentEvent` |  Send events from third-party application to Amazon Q for processing |  No  
@@ -101,0 +105,2 @@ Administrator permissions
+`q:UpdateAuthGrant` |  Update a third-party application user with Amazon Q |  No  
+`q:UpdateOAuthAppConnection` |  Update a third-party OAuth application with Amazon Q |  No