AWS Security ChangesHomeSearch

AWS amazonq documentation change

Service: amazonq · 2025-05-22 · Documentation medium

File: amazonq/latest/qbusiness-ug/isv-info-to-provide.md

Summary

Added 'sts:TagSession' IAM permission requirement and new tenantId documentation for ISV integrations

Security assessment

Introduces documentation for session tagging (security feature) and tenant isolation guidance, but does not address a specific security vulnerability. The 'sts:TagSession' addition helps implement security best practices for session management.

Diff

diff --git a/amazonq/latest/qbusiness-ug/isv-info-to-provide.md b/amazonq/latest/qbusiness-ug/isv-info-to-provide.md
index 5bc5d8c59..807725192 100644
--- a//amazonq/latest/qbusiness-ug/isv-info-to-provide.md
+++ b//amazonq/latest/qbusiness-ug/isv-info-to-provide.md
@@ -54 +54,2 @@ Before an independent software provider or vendor (ISV) can become a verified da
-                        "sts:SetContext"
+                        "sts:SetContext",
+                        "sts:TagSession"
@@ -59,0 +61,10 @@ Before an independent software provider or vendor (ISV) can become a verified da
+    * ISV `tenantId`
+
+      * What is `tenantId`?
+
+The `tenantID` is a unique identifier for your application tenant. Each application might have different terms for a tenant such as Workspace ID for Slack or Domain ID for Asana. 
+
+      * Where do you find the `tenantId`?
+
+Provide info as to where can the IT Admin of an enterprise can find this information on the ISV.
+