AWS Security ChangesHomeSearch

AWS amazonq high security documentation change

Service: amazonq · 2025-07-16 · Security-related high

File: amazonq/latest/qdeveloper-ug/command-line-chat-security.md

Summary

Updated command references from 'trustall' to 'trust-all' and adjusted related security warnings

Security assessment

The changes emphasize security risks of using '/tools trust-all' (previously 'trustall') which bypasses confirmation prompts. The documentation explicitly warns against using this in production/sensitive environments and provides mitigation steps, indicating a security-critical command.

Diff

diff --git a/amazonq/latest/qdeveloper-ug/command-line-chat-security.md b/amazonq/latest/qdeveloper-ug/command-line-chat-security.md
index d04c69432..a62ff798e 100644
--- a//amazonq/latest/qdeveloper-ug/command-line-chat-security.md
+++ b//amazonq/latest/qdeveloper-ug/command-line-chat-security.md
@@ -5 +5 @@
-Understanding security risksGeneral security best practicesUsing /tools trustall safely
+Understanding security risksGeneral security best practicesUsing /tools trust-all safely
@@ -26 +26 @@ When using Amazon Q, be aware of the following potential security risks:
-These risks are significantly increased when using `/tools trustall` or `/acceptall`, which bypass confirmation prompts.
+These risks are significantly increased when using `/tools trust-all` or `/acceptall`, which bypass confirmation prompts.
@@ -41 +41 @@ Specific examples of risks include:
-AWS recommends against using `/tools trustall` or `/acceptall` mode in production environments or when working with sensitive data or resources. You are responsible for all actions performed by Amazon Q when these modes are enabled.
+AWS recommends against using `/tools trust-all` or `/acceptall` mode in production environments or when working with sensitive data or resources. You are responsible for all actions performed by Amazon Q when these modes are enabled.
@@ -80 +80 @@ For environments with highly sensitive information, consider these additional me
-## Using /tools trustall safely
+## Using /tools trust-all safely
@@ -86 +86 @@ If you must use `/tools trustall` or `/acceptall` for specific workflows, follow
-  * Enable `/tools trustall` only for specific tasks, then immediately disable it using `/tools reset` to return to default permissions
+  * Enable `/tools trust-all` only for specific tasks, then immediately disable it using `/tools reset` to return to default permissions
@@ -88 +88 @@ If you must use `/tools trustall` or `/acceptall` for specific workflows, follow
-  * Back up important data before enabling `/tools trustall`
+  * Back up important data before enabling `/tools trust-all`
@@ -90 +90 @@ If you must use `/tools trustall` or `/acceptall` for specific workflows, follow
-  * Use AWS credentials with minimal permissions when `/tools trustall` is enabled
+  * Use AWS credentials with minimal permissions when `/tools trust-all` is enabled
@@ -92 +92 @@ If you must use `/tools trustall` or `/acceptall` for specific workflows, follow
-  * Carefully monitor all actions Amazon Q takes while `/tools trustall` is enabled
+  * Carefully monitor all actions Amazon Q takes while `/tools trust-all` is enabled
@@ -97 +97 @@ If you must use `/tools trustall` or `/acceptall` for specific workflows, follow
-To return to the default permission settings after using `/tools trustall`, use the reset command:
+To return to the default permission settings after using `/tools trust-all`, use the reset command: