AWS Security ChangesHomeSearch

AWS amplify high security documentation change

Service: amplify · 2025-06-19 · Security-related high

File: amplify/latest/userguide/using-access-logs.md

Summary

Added warning about avoiding secrets in URL parameters due to access log exposure

Security assessment

Reinforces security best practices by warning about plaintext exposure of sensitive data in access logs. This directly addresses credential leakage risks in logging systems.

Diff

diff --git a/amplify/latest/userguide/using-access-logs.md b/amplify/latest/userguide/using-access-logs.md
index a8ec658d3..cc8857b67 100644
--- a//amplify/latest/userguide/using-access-logs.md
+++ b//amplify/latest/userguide/using-access-logs.md
@@ -10,0 +11,4 @@ Amplify stores access logs for all of the apps you host in Amplify. Access logs
+###### Warning
+
+Don’t include secrets, credentials, or sensitive data in URLs as path or query parameters. These values are viewable in plain text in your Amplify application’s access logs.
+