AWS elasticloadbalancing documentation change
Summary
Added note requiring consistent HTTPS port 443 usage with OIDC and CloudFront to prevent authentication failures.
Security assessment
Addresses potential misconfiguration that could lead to authentication issues, but documents best practices rather than fixing a security vulnerability.
Diff
diff --git a/elasticloadbalancing/latest/application/listener-authenticate-users.md b/elasticloadbalancing/latest/application/listener-authenticate-users.md index 9b895b3c2..f2b6fed3f 100644 --- a//elasticloadbalancing/latest/application/listener-authenticate-users.md +++ b//elasticloadbalancing/latest/application/listener-authenticate-users.md @@ -150,0 +151,2 @@ Enable the following settings if you are using a CloudFront distribution in fron + * When configuring OpenID Connect (OIDC) authentication in conjunction with Amazon CloudFront, ensure that HTTPS port 443 is consistently used throughout the entire connection path. Otherwise, authentication failures can occur because the client OIDC redirect URLs do not match the port number of the originally generated URI. +