AWS amazonq documentation change
Summary
Added 'sts:TagSession' IAM permission requirement and new tenantId documentation for ISV integrations
Security assessment
Introduces documentation for session tagging (security feature) and tenant isolation guidance, but does not address a specific security vulnerability. The 'sts:TagSession' addition helps implement security best practices for session management.
Diff
diff --git a/amazonq/latest/qbusiness-ug/isv-info-to-provide.md b/amazonq/latest/qbusiness-ug/isv-info-to-provide.md index 5bc5d8c59..807725192 100644 --- a//amazonq/latest/qbusiness-ug/isv-info-to-provide.md +++ b//amazonq/latest/qbusiness-ug/isv-info-to-provide.md @@ -54 +54,2 @@ Before an independent software provider or vendor (ISV) can become a verified da - "sts:SetContext" + "sts:SetContext", + "sts:TagSession" @@ -59,0 +61,10 @@ Before an independent software provider or vendor (ISV) can become a verified da + * ISV `tenantId` + + * What is `tenantId`? + +The `tenantID` is a unique identifier for your application tenant. Each application might have different terms for a tenant such as Workspace ID for Slack or Domain ID for Asana. + + * Where do you find the `tenantId`? + +Provide info as to where can the IT Admin of an enterprise can find this information on the ISV. +