AWS singlesignon documentation change
Summary
Updated grammar ('they're' to 'they are') and modified documentation link text for session duration configuration
Security assessment
The changes are grammatical corrections and link updates. The session duration recommendations remain unchanged, and there is no evidence of addressing a specific security vulnerability or weakness.
Diff
diff --git a/singlesignon/latest/userguide/permissionsets.md b/singlesignon/latest/userguide/permissionsets.md index 8a77326a8..eadfd83ee 100644 --- a//singlesignon/latest/userguide/permissionsets.md +++ b//singlesignon/latest/userguide/permissionsets.md @@ -25 +25 @@ With a predefined permission set, which uses [predefined permissions](./permissi -When users federate into their AWS account and use the AWS Management Console or the AWS Command Line Interface (AWS CLI), IAM Identity Center uses the session duration setting on the permission set to control the duration of the session. When the user session reaches the session duration they're signed out of the console and asked to sign in again. As a security best practice, we recommend that you don't set the session duration length longer than is needed to perform the role. By default, the value for **Session duration** is one hour. You can specify a maximum value of 12 hours. For more information, see [Set session duration for AWS accounts](./howtosessionduration.html). +When users federate into their AWS account and use the AWS Management Console or the AWS Command Line Interface (AWS CLI), IAM Identity Center uses the session duration setting on the permission set to control the duration of the session. When the user session reaches the session duration they are signed out of the console and asked to sign in again. As a security best practice, we recommend that you do not set the session duration length longer than is needed to perform the role. By default, the value for **Session duration** is one hour. You can specify a maximum value of 12 hours. For more information, see [Set session duration for AWS accounts](./howtosessionduration.html). @@ -29 +29 @@ When users federate into their AWS account and use the AWS Management Console or -Workforce users use portal sessions to choose roles and access applications. By default, the value for **Maximum session duration** , which determines the length of time that a workforce user can be signed in to the AWS access portal before they must re-authenticate, is eight hours. You can specify a maximum value of 90 days. For more information, see [Configure the session duration of the AWS access portal and IAM Identity Center integrated applications](./configure-user-session.html). +Workforce users use portal sessions to choose roles and access applications. By default, the value for **Maximum session duration** , which determines the length of time that a workforce user can be signed in to the AWS access portal before they must re-authenticate, is eight hours. You can specify a maximum value of 90 days. For more information, see [Configure the session duration in IAM Identity Center](./configure-user-session.html).