AWS Security ChangesHomeSearch

AWS appstream2 medium security documentation change

Service: appstream2 · 2025-07-25 · Security-related medium

File: appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md

Summary

Updated SAML policy ARNs with specific account IDs and regions

Security assessment

Hardcoded account IDs (e.g., '111122223333') prevent misconfiguration in federated access policies, reducing risk of unauthorized access.

Diff

diff --git a/appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md b/appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md
index 53b9e432e..a5c27bd08 100644
--- a//appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md
+++ b//appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md
@@ -107 +107 @@ JSON
-            "Federated": "arn:aws:iam::ACCOUNT-ID-WITHOUT-HYPHENS:saml-provider/IDENTITY-PROVIDER"
+                    "Federated": "arn:aws:iam::111122223333:saml-provider/IDENTITY-PROVIDER"
@@ -151 +150 @@ JSON
-          "Resource": "arn:aws:appstream:REGION-CODE:ACCOUNT-ID-WITHOUT-HYPHENS:stack/STACK-NAME",
+                "Resource": "arn:aws:appstream:us-east-1:ACCOUNT-ID-WITHOUT-HYPHENS:stack/STACK-NAME",