AWS Security ChangesHomeSearch

AWS singlesignon documentation change

Service: singlesignon · 2025-08-13 · Documentation low

File: singlesignon/latest/userguide/permissionsetsconcept.md

Summary

Updated grammar ('they're' to 'they are') and modified documentation link text for session duration configuration

Security assessment

The changes are grammatical corrections and link text updates. While the document discusses least-privilege permissions (a security best practice), the edits themselves do not introduce new security documentation or address a specific security issue.

Diff

diff --git a/singlesignon/latest/userguide/permissionsetsconcept.md b/singlesignon/latest/userguide/permissionsetsconcept.md
index 03850c618..0ff2dcc49 100644
--- a//singlesignon/latest/userguide/permissionsetsconcept.md
+++ b//singlesignon/latest/userguide/permissionsetsconcept.md
@@ -19 +19 @@ To create a permission set, see [Create, manage, and delete permission sets](./p
-To follow the best practice of applying least-privilege permissions, after you create an administrative permission set, you create a more restrictive permission set and assign it to one or more users. The permission sets created in the previous procedure provide a starting point for you to assess the amount of access to resources your users need. To switch to least privilege permissions, you can run IAM Access Analyzer to monitor principals with AWS managed policies. After learning which permissions they're using, then you can write a custom policy or generate a policy with only the required permissions for your team. 
+To follow the best practice of applying least-privilege permissions, after you create an administrative permission set, you create a more restrictive permission set and assign it to one or more users. The permission sets created in the previous procedure provide a starting point for you to assess the amount of access to resources your users need. To switch to least privilege permissions, you can run IAM Access Analyzer to monitor principals with AWS managed policies. After learning which permissions they are using, then you can write a custom policy or generate a policy with only the required permissions for your team. 
@@ -37 +37 @@ When users federate into their AWS account and use the AWS Management Console or
-By default, the value for **Maximum session duration** , which determines the length of time that a workforce user can be signed in to the AWS access portal before they must re-authenticate, is eight hours. You can specify a maximum value of 90 days. For more information, see [Configure the session duration of the AWS access portal and IAM Identity Center integrated applications](./configure-user-session.html).
+By default, the value for **Maximum session duration** , which determines the length of time that a workforce user can be signed in to the AWS access portal before they must re-authenticate, is eight hours. You can specify a maximum value of 90 days. For more information, see [Configure the session duration in IAM Identity Center](./configure-user-session.html).