AWS amazonq medium security documentation change
Summary
Added OAuth2 security requirements and fixed 'oauth2' type typo in OpenAPI schema documentation
Security assessment
Critical correction of security scheme type typo (ouath2 → oauth2) that could lead to misconfigurations, plus added OAuth2 security documentation
Diff
diff --git a/amazonq/latest/qbusiness-ug/plugins-api-schema.md b/amazonq/latest/qbusiness-ug/plugins-api-schema.md index 4c73d41d1..8ebc1fb00 100644 --- a//amazonq/latest/qbusiness-ug/plugins-api-schema.md +++ b//amazonq/latest/qbusiness-ug/plugins-api-schema.md @@ -39 +39,2 @@ The following is the general format of an OpenAPI schema for a custom plugin. - "responses": { ... } + "responses": { ... }, + "security": [ ... ] @@ -41,0 +43,4 @@ The following is the general format of an OpenAPI schema for a custom plugin. + }, + "security": [ + { + "OAuth2": ["read", "write"] @@ -42,0 +48 @@ The following is the general format of an OpenAPI schema for a custom plugin. + ], @@ -59,0 +66,2 @@ The following list describes fields in the OpenAPI schema + * `security` – (Required when using authentication) Defines which security schemes are applied to the whole API or specific operations. This is required when using OAuth authentication. + @@ -237 +245 @@ Following is the general structure of a `securityScheme` field: - ""securitySchemes": { + "securitySchemes": { @@ -255 +263 @@ If your API requires OAuth authorization, the OpenAPI schema needs to include se - * `type` – Must be `ouath2`. + * `type` – Must be `oauth2`.