AWS cli medium security documentation change
Summary
Added --force flag to bypass validation when deleting automated reasoning policies
Security assessment
The --force flag introduces a potential security risk by allowing policy deletion without validation of artifact cleanup. This could enable accidental or malicious deletion of active resources if misconfigured, though no explicit vulnerability is mentioned.
Diff
diff --git a/cli/latest/reference/bedrock/delete-automated-reasoning-policy.md b/cli/latest/reference/bedrock/delete-automated-reasoning-policy.md index ed75c6c3b..411ad6821 100644 --- a//cli/latest/reference/bedrock/delete-automated-reasoning-policy.md +++ b//cli/latest/reference/bedrock/delete-automated-reasoning-policy.md @@ -15 +15 @@ - * [AWS CLI 2.31.13 Command Reference](../../index.html) » + * [AWS CLI 2.31.16 Command Reference](../../index.html) » @@ -67,0 +68 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/bedroc + [--force | --no-force] @@ -103,0 +105,4 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/bedroc +`--force` | `--no-force` (boolean) + +> Specifies whether to force delete the automated reasoning policy even if it has active resources. When `false` , Amazon Bedrock validates if all artifacts have been deleted (e.g. policy version, test case, test result) for a policy before deletion. When `true` , Amazon Bedrock will delete the policy and all its artifacts without validation. Default is `false` . + @@ -215 +220 @@ None - * [AWS CLI 2.31.13 Command Reference](../../index.html) » + * [AWS CLI 2.31.16 Command Reference](../../index.html) »