AWS mwaa documentation change
Summary
Updated REST API authentication code example: changed login URL path, cookie name, and function name.
Security assessment
The changes appear to reflect updates to authentication flow implementation (e.g., using 'session' cookies instead of '_token'), but there is no explicit evidence of a security vulnerability being addressed. This is likely a routine update to align with backend changes.
Diff
diff --git a/mwaa/latest/userguide/access-mwaa-apache-airflow-rest-api.md b/mwaa/latest/userguide/access-mwaa-apache-airflow-rest-api.md index a69f2bf7b..8a22c701e 100644 --- a//mwaa/latest/userguide/access-mwaa-apache-airflow-rest-api.md +++ b//mwaa/latest/userguide/access-mwaa-apache-airflow-rest-api.md @@ -229 +229 @@ Apache Airflow v2 - def get_token_info(region, env_name): + def get_session_info(region, env_name): @@ -242 +242 @@ Apache Airflow v2 - login_url = f"https://{web_server_host_name}/pluginsv2/aws_mwaa/login" + login_url = f"https://{web_server_host_name}/aws_mwaa/login" @@ -252 +252 @@ Apache Airflow v2 - # Check if login was successful + # Check if login was succesfull @@ -258 +258 @@ Apache Airflow v2 - response.cookies['_token'] + response.cookies["session"]