AWS Security ChangesHomeSearch

AWS singlesignon documentation change

Service: singlesignon · 2025-06-10 · Documentation medium

File: singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md

Summary

Added 5 new OAuth2 scopes for AWS services (Verified Access, Redshift, DataZone, NoSQL Workbench, Transform)

Security assessment

Adds documentation about security-related OAuth2 scopes that control access to AWS services, but does not address any specific security vulnerability.

Diff

diff --git a/singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md b/singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md
index 8c915c181..8d09b3839 100644
--- a//singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md
+++ b//singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md
@@ -113,0 +114,5 @@ Scope | Description | Services supported by
+`verified_access:application:connect` | Enable AWS Verified Access | AWS Verified Access  
+`redshift:connect` | Connect to Amazon Redshift | Amazon Redshift  
+`datazone:domain:access` | Access your DataZone Domain Execution Role | Amazon DataZone  
+`nosqlworkbench:datamodeladviser` | Create and read data models | NoSQL Workbench  
+`transform:read_write` | Enable access to AWS Transform Agent for code transformation | AWS Transform