AWS Security ChangesHomeSearch

AWS amplify high security documentation change

Service: amplify · 2025-06-19 · Security-related high

File: amplify/latest/userguide/redirect-rewrite-examples.md

Summary

Added warning about avoiding secrets in URL parameters due to access log exposure

Security assessment

Explicitly warns against including sensitive data in URLs due to plaintext exposure in logs. This directly addresses a security risk of credential leakage through application logging.

Diff

diff --git a/amplify/latest/userguide/redirect-rewrite-examples.md b/amplify/latest/userguide/redirect-rewrite-examples.md
index cf6f94995..2ba3f1dd6 100644
--- a//amplify/latest/userguide/redirect-rewrite-examples.md
+++ b//amplify/latest/userguide/redirect-rewrite-examples.md
@@ -218,0 +219,4 @@ JSON format
+###### Warning
+
+Don’t include secrets, credentials, or sensitive data in URLs as path or query parameters. These values are viewable in plain text in your Amplify application’s access logs.
+