AWS apigateway documentation change
Summary
Updated policy example to include Signature Version 4a (SigV4a) protocol support
Security assessment
Added documentation about SigV4a security protocol support but no specific vulnerability addressed
Diff
diff --git a/apigateway/latest/developerguide/apigateway-resource-policies-examples.md b/apigateway/latest/developerguide/apigateway-resource-policies-examples.md index 7ace57778..b7c81c8e2 100644 --- a//apigateway/latest/developerguide/apigateway-resource-policies-examples.md +++ b//apigateway/latest/developerguide/apigateway-resource-policies-examples.md @@ -28 +28 @@ The following example policies use a simplified syntax to specify the API resour -The following example resource policy grants API access in one AWS account to two roles in a different AWS account via [Signature Version 4](https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html) (SigV4) protocols. Specifically, the developer and the administrator role for the AWS account identified by ``account-id-2`` are granted the `execute-api:Invoke` action to execute the `GET` action on the `pets` resource (API) in your AWS account. +The following example resource policy grants API access in one AWS account to two roles in a different AWS account via [Signature Version 4](https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html) (SigV4) or [Signature Version 4a](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html#how-sigv4a-works) (SigV4a) protocols. Specifically, the developer and the administrator role for the AWS account identified by ``account-id-2`` are granted the `execute-api:Invoke` action to execute the `GET` action on the `pets` resource (API) in your AWS account.