AWS workspaces documentation change
Summary
Expanded list of smart card authentication endpoints and user login pages across multiple regions
Security assessment
The changes document additional security-related endpoints for smart card authentication and user logins, which are critical for configuring secure network access. While this improves clarity around security features, there is no evidence of addressing a specific security vulnerability.
Diff
diff --git a/workspaces/latest/adminguide/workspaces-port-requirements.md b/workspaces/latest/adminguide/workspaces-port-requirements.md index 9f315b838..0f335df44 100644 --- a//workspaces/latest/adminguide/workspaces-port-requirements.md +++ b//workspaces/latest/adminguide/workspaces-port-requirements.md @@ -276,2 +276,6 @@ Pre-session Smart Card Authentication Endpoints | - * https://smartcard.us-east-1.signin.aws - * https://smartcard.us-west-2.signin.aws + * https://smartcard.af-south-1.signin.aws + * https://smartcard.af-south-1.apps.signin.aws + * https://smartcard.ap-south-1.signin.aws + * https://smartcard.ap-south-1.apps.signin.aws + * https://smartcard.ap-southeast-1.signin.aws + * https://smartcard.ap-southeast-1.apps.signin.aws @@ -278,0 +283 @@ Pre-session Smart Card Authentication Endpoints | + * https://smartcard.ap-southeast-2.apps.signin.aws @@ -279,0 +285,7 @@ Pre-session Smart Card Authentication Endpoints | + * https://smartcard.ap-northeast-1.apps.signin.aws + * https://smartcard.ap-northeast-2.signin.aws + * https://smartcard.ap-northeast-2.apps.signin.aws + * https://smartcard.ca-central-1.signin.aws + * https://smartcard.ca-central-1.apps.signin.aws + * https://smartcard.eu-central-1.signin.aws + * https://smartcard.eu-central-1.apps.signin.aws @@ -280,0 +293,17 @@ Pre-session Smart Card Authentication Endpoints | + * https://smartcard.eu-west-1.apps.signin.aws + * https://smartcard.eu-west-2.signin.aws + * https://smartcard.eu-west-2.apps.signin.aws + * https://smartcard.eu-west-3.signin.aws + * https://smartcard.eu-west-3.apps.signin.aws + * https://smartcard.il-central-1.signin.aws + * https://smartcard.il-central-1.apps.signin.aws + * https://smartcard.sa-east-1.signin.aws + * https://smartcard.sa-east-1.apps.signin.aws + * https://smartcard.us-east-1.signin.aws + * https://smartcard.us-east-1.apps.signin.aws + * https://smartcard.us-west-2.signin.aws + * https://smartcard.us-west-2.apps.signin.aws + * https://smartcard.us-gov-east-1.signin-fips.amazonaws-us-gov.com + * https://smartcard.us-gov-east-1.apps.signin-fips.amazonaws-us-gov.com + * https://smartcard.us-gov-west-1.signin.amazonaws-us-gov.com + * https://smartcard.us-gov-west-1.apps.signin.amazonaws-us-gov.com @@ -284 +313,78 @@ Pre-session Smart Card Authentication Endpoints | -User Login Pages | https://<directory id>.awsapps.com/ (where <directory id> is the customer's domain) In the AWS GovCloud (US-West) and AWS GovCloud (US-East) Regions: https://login.us-gov-home.awsapps.com/directory/<directory id>/ (where <directory id> is the customer's domain) +User Login Pages | + + * https://af-south-1.signin.aws + * https://af-south-1.signin.aws.amazon.com + * https://af-south-1.sso.signin.aws + * https://af-south-1.apps.signin.aws + * https://ap-south-1.signin.aws + * https://ap-south-1.signin.aws.amazon.com + * https://ap-south-1.sso.signin.aws + * https://ap-south-1.apps.signin.aws + * https://ap-southeast-1.signin.aws + * https://ap-southeast-1.signin.aws.amazon.com + * https://ap-southeast-1.sso.signin.aws + * https://ap-southeast-1.apps.signin.aws + * https://ap-southeast-2.signin.aws + * https://ap-southeast-2.signin.aws.amazon.com + * https://ap-southeast-2.sso.signin.aws + * https://ap-southeast-2.apps.signin.aws + * https://ap-northeast-1.signin.aws + * https://ap-northeast-1.signin.aws.amazon.com + * https://ap-northeast-1.sso.signin.aws + * https://ap-northeast-1.apps.signin.aws + * https://ap-northeast-2.signin.aws + * https://ap-northeast-2.signin.aws.amazon.com + * https://ap-northeast-2.sso.signin.aws + * https://ap-northeast-2.apps.signin.aws + * https://ca-central-1.signin.aws + * https://ca-central-1.signin.aws.amazon.com + * https://ca-central-1.sso.signin.aws + * https://ca-central-1.apps.signin.aws + * https://eu-central-1.signin.aws + * https://eu-central-1.signin.aws.amazon.com + * https://eu-central-1.sso.signin.aws + * https://eu-central-1.apps.signin.aws + * https://eu-west-1.signin.aws + * https://eu-west-1.signin.aws.amazon.com + * https://eu-west-1.sso.signin.aws + * https://eu-west-1.apps.signin.aws + * https://eu-west-2.signin.aws + * https://eu-west-2.signin.aws.amazon.com + * https://eu-west-2.sso.signin.aws + * https://eu-west-2.apps.signin.aws + * https://eu-west-3.signin.aws + * https://eu-west-3.signin.aws.amazon.com + * https://eu-west-3.sso.signin.aws + * https://eu-west-3.apps.signin.aws + * https://il-central-1.signin.aws + * https://il-central-1.signin.aws.amazon.com + * https://il-central-1.sso.signin.aws + * https://il-central-1.apps.signin.aws + * https://sa-east-1.signin.aws + * https://sa-east-1.signin.aws.amazon.com + * https://sa-east-1.sso.signin.aws + * https://sa-east-1.apps.signin.aws + * https://us-east-1.signin.aws + * https://us-east-1.signin.aws.amazon.com + * https://us-east-1.sso.signin.aws + * https://us-east-1.apps.signin.aws + * https://us-west-2.signin.aws + * https://us-west-2.signin.aws.amazon.com + * https://us-west-2.sso.signin.aws + * https://us-west-2.apps.signin.aws + * https://us-gov-east-1.signin-fips.amazonaws-us-gov.com + * https://us-gov-east-1.sso.signin-fips.aws-us-gov.com + * https://us-gov-east-1.apps.signin-fips.aws-us-gov.com + * https://us-gov-west-1.signin.amazonaws-us-gov.com + * https://us-gov-west-1.sso.signin.aws-us-gov.com + * https://us-gov-west-1.apps.signin.aws-us-gov.com + +https://`directory_id`.awsapps.com/ + +###### Note + +**directory id** is the customer's domain. In the AWS GovCloud (US-West) and AWS GovCloud (US-East) Regions: https://login.us-gov-home.awsapps.com/directory/`directory id`/ + +###### Note + +**directory id** is the customer's domain.