AWS singlesignon documentation change
Summary
Added 5 new OAuth2 scopes for AWS services (Verified Access, Redshift, DataZone, NoSQL Workbench, Transform)
Security assessment
Adds documentation about security-related OAuth2 scopes that control access to AWS services, but does not address any specific security vulnerability.
Diff
diff --git a/singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md b/singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md index 8c915c181..8d09b3839 100644 --- a//singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md +++ b//singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md @@ -113,0 +114,5 @@ Scope | Description | Services supported by +`verified_access:application:connect` | Enable AWS Verified Access | AWS Verified Access +`redshift:connect` | Connect to Amazon Redshift | Amazon Redshift +`datazone:domain:access` | Access your DataZone Domain Execution Role | Amazon DataZone +`nosqlworkbench:datamodeladviser` | Create and read data models | NoSQL Workbench +`transform:read_write` | Enable access to AWS Transform Agent for code transformation | AWS Transform