AWS Security ChangesHomeSearch

AWS cli medium security documentation change

Service: cli · 2025-08-19 · Security-related medium

File: cli/latest/reference/s3control/put-access-grants-instance-resource-policy.md

Summary

Updated CLI version reference, added warning about URL encoding headers with spaces

Security assessment

Warning about URL encoding signed headers prevents potential authentication bypass scenarios where unencoded spaces could cause signature validation failures or misinterpretation of policy headers.

Diff

diff --git a/cli/latest/reference/s3control/put-access-grants-instance-resource-policy.md b/cli/latest/reference/s3control/put-access-grants-instance-resource-policy.md
index 3401e4f96..77fbf950e 100644
--- a//cli/latest/reference/s3control/put-access-grants-instance-resource-policy.md
+++ b//cli/latest/reference/s3control/put-access-grants-instance-resource-policy.md
@@ -15 +15 @@
-  * [AWS CLI 2.28.11 Command Reference](../../index.html) »
+  * [AWS CLI 2.28.12 Command Reference](../../index.html) »
@@ -64,0 +65,4 @@ You must have the `s3:PutAccessGrantsInstanceResourcePolicy` permission to use t
+### Warning
+
+You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt` , containing two spaces after `my` , you must URL encode this value to `my%20%20file.txt` .
+
@@ -231 +235 @@ CreatedAt -> (timestamp)
-  * [AWS CLI 2.28.11 Command Reference](../../index.html) »
+  * [AWS CLI 2.28.12 Command Reference](../../index.html) »