AWS Security ChangesHomeSearch

AWS singlesignon documentation change

Service: singlesignon · 2025-08-19 · Documentation low

File: singlesignon/latest/userguide/authconcept.md

Summary

Clarified user permission propagation timing and updated table descriptions

Security assessment

Added a note about AWS access portal and CLI reflecting permission changes within 1 hour. This documents security-relevant behavior around permission propagation but does not indicate a security issue fix.

Diff

diff --git a/singlesignon/latest/userguide/authconcept.md b/singlesignon/latest/userguide/authconcept.md
index 998d2014b..1cf514157 100644
--- a//singlesignon/latest/userguide/authconcept.md
+++ b//singlesignon/latest/userguide/authconcept.md
@@ -25 +25 @@ When an IAM Identity Center administrator [revokes a user's session](./end-activ
-The following table summarizes the previously described IAM Identity Center behaviors:
+This table summarizes how user management changes affect access to IAM resources, application sessions, and AWS account sessions.
@@ -36 +36 @@ When an IAM Identity Center administrator [removes application access](./removea
-The following table summarizes the previously described IAM Identity Center behaviors:
+This table summarizes how changes to user permissions and group memberships affect access to IAM Identity Center resources, application sessions, and AWS account sessions.
@@ -43,0 +44,4 @@ Application or AWS account access removed from group | No - User can continue ac
+###### Note
+
+The AWS access portal and AWS CLI will reflect updated user permissions within 1 hour after you add or remove a user from a group. 
+