AWS Security ChangesHomeSearch

AWS rolesanywhere documentation change

Service: rolesanywhere · 2025-10-19 · Documentation low

File: rolesanywhere/latest/userguide/getting-started.md

Summary

Added important note about AWS Private CA trust anchor validity period management

Security assessment

Documents security-related operational requirements for certificate validity periods, though no specific vulnerability is addressed.

Diff

diff --git a/rolesanywhere/latest/userguide/getting-started.md b/rolesanywhere/latest/userguide/getting-started.md
index f49fc9123..709970b4a 100644
--- a//rolesanywhere/latest/userguide/getting-started.md
+++ b//rolesanywhere/latest/userguide/getting-started.md
@@ -35,0 +36,4 @@ The first step of using IAM Roles Anywhere is creating a trust anchor, which req
+###### Important
+
+For AWS Private CA trust anchors, only the validity period can be modified after creation. When the validity period changes, you must call UpdateTrustAnchor to register this change. IAM Roles Anywhere honors certificates based on the validity period found during the most recent TrustAnchor Create/Update event.
+