AWS IAM documentation change
Summary
Replaced references to 'federated users' with 'SAML federated principals' in policy context
Security assessment
Terminology update to align with IAM concepts. While discussing policy permissions, the change does not introduce new security controls or address vulnerabilities.
Diff
diff --git a/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.md b/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.md index 8bae56c8e..8f8f38958 100644 --- a//IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.md +++ b//IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.md @@ -21 +21 @@ If you can't specify a URL directly, then download the XML document from the pre -You also need to create appropriate claim rules in your IdP that specify AWS as a relying party. When the IdP sends a SAML response to the AWS endpoint, it includes a SAML _assertion_ that contains one or more _claims_. A claim is information about the user and its groups. A claim rule maps that information into SAML attributes. This lets you make sure that SAML authentication responses from your IdP contain the necessary attributes that AWS uses in IAM policies to check permissions for federated users. For more information, see the following topics: +You also need to create appropriate claim rules in your IdP that specify AWS as a relying party. When the IdP sends a SAML response to the AWS endpoint, it includes a SAML _assertion_ that contains one or more _claims_. A claim is information about the user and its groups. A claim rule maps that information into SAML attributes. This lets you make sure that SAML authentication responses from your IdP contain the necessary attributes that AWS uses in IAM policies to check permissions for SAML federated principals. For more information, see the following topics: @@ -23 +23 @@ You also need to create appropriate claim rules in your IdP that specify AWS as - * [Overview of the role to allow SAML-federated access to your AWS resources](./id_roles_providers_saml.html#CreatingSAML-configuring-role). This topic discusses using SAML-specific keys in IAM policies and how to use them to restrict permissions for SAML-federated users. + * [Overview of the role to allow SAML-federated access to your AWS resources](./id_roles_providers_saml.html#CreatingSAML-configuring-role). This topic discusses using SAML-specific keys in IAM policies and how to use them to restrict permissions for SAML federated principals.