AWS Security ChangesHomeSearch

AWS partner-central medium security documentation change

Service: partner-central · 2025-05-31 · Security-related medium

File: partner-central/latest/crm/set-up-real-time-notifications.md

Summary

Updated Salesforce connected app configuration steps with detailed OAuth settings requirements including PKCE enforcement, secret requirements, and IP restrictions. Added AWS CloudFormation template deployment process for notification setup.

Security assessment

The changes explicitly mandate security controls like requiring Proof Key for Code Exchange (PKCE), enforcing secrets for web server/refresh token flows, and IP restriction enforcement. These are OAuth2 security best practices to prevent authorization code interception and unauthorized access. The documentation now clearly specifies these security requirements where previous version lacked detail.

Diff