AWS Security ChangesHomeSearch

AWS keyspaces medium security documentation change

Service: keyspaces · 2025-07-16 · Security-related medium

File: keyspaces/latest/StreamsAPIReference/API_GetShardIterator.md

Summary

Extended shard iterator validity from 5 to 15 minutes and updated HTTP status codes for errors (403/404/429 to 400).

Security assessment

Changing HTTP 403 (Forbidden) to 400 (Bad Request) for permission-related errors may reduce clarity in authorization failure responses, potentially impacting security monitoring and error handling workflows.

Diff

diff --git a/keyspaces/latest/StreamsAPIReference/API_GetShardIterator.md b/keyspaces/latest/StreamsAPIReference/API_GetShardIterator.md
index bb1a75a56..c0ff68d56 100644
--- a//keyspaces/latest/StreamsAPIReference/API_GetShardIterator.md
+++ b//keyspaces/latest/StreamsAPIReference/API_GetShardIterator.md
@@ -98 +98 @@ The following data is returned in JSON format by the service.
-The unique identifier for the shard iterator. This value is used in the `GetRecords` operation to retrieve data records from the specified shard. Each shard iterator expires 5 minutes after it is returned to the requester. 
+The unique identifier for the shard iterator. This value is used in the `GetRecords` operation to retrieve data records from the specified shard. Each shard iterator expires 15 minutes after it is returned to the requester. 
@@ -115 +115 @@ This exception occurs when your IAM user or role lacks the required permissions
-HTTP Status Code: 403
+HTTP Status Code: 400
@@ -133 +133 @@ This exception occurs when you attempt to access a keyspace, table, stream, or o
-HTTP Status Code: 404
+HTTP Status Code: 400
@@ -142 +142 @@ This exception occurs when you send too many requests in a short period of time.
-HTTP Status Code: 429
+HTTP Status Code: 400