AWS Security ChangesHomeSearch

AWS redshift medium security documentation change

Service: redshift · 2025-10-25 · Security-related medium

File: redshift/latest/mgmt/data-api-trusted-identity-propagation.md

Summary

Updated CloudTrail event example with detailed identity propagation context

Security assessment

Added detailed CloudTrail event structure showing identity propagation through 'onBehalfOf' field, which helps track delegated access - critical for auditing and security monitoring

Diff

diff --git a/redshift/latest/mgmt/data-api-trusted-identity-propagation.md b/redshift/latest/mgmt/data-api-trusted-identity-propagation.md
index aa56e0780..bf1ce6b61 100644
--- a//redshift/latest/mgmt/data-api-trusted-identity-propagation.md
+++ b//redshift/latest/mgmt/data-api-trusted-identity-propagation.md
@@ -47,7 +46,0 @@ API calls made by the IAM Identity Center user can be tracked in AWS CloudTrail.
-JSON
-    
-
-****
-    
-    
-    
@@ -54,0 +48,16 @@ JSON
+    {
+                "eventVersion":"1.10",
+                "userIdentity":{
+                "type":"AssumedRole",
+                ...
+                },
+                "onBehalfOf":{
+                "userId":"a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
+                "identityStoreArn":"arn:aws:identitystore::123456789012:identitystore/d-9067bc44d2"
+                }
+                },
+                "eventTime":"2025-01-13T04:46:27Z",
+                "eventSource":"redshift-data.amazonaws.com",
+                "eventName":"ExecuteStatement",
+                "awsRegion":"us-east-1"
+                }