AWS Security ChangesHomeSearch

AWS systems-manager-automation-runbooks documentation change

Service: systems-manager-automation-runbooks · 2025-11-07 · Documentation low

File: systems-manager-automation-runbooks/latest/userguide/awssupport-troubleshootsamlissues.md

Summary

Updated example service reference from 'Amazon AppStream 2.0' to 'Amazon WorkSpaces Applications' in SAML documentation

Security assessment

The change only updates an example AWS service reference in SAML troubleshooting documentation. There is no evidence of addressing security vulnerabilities or adding new security features.

Diff

diff --git a/systems-manager-automation-runbooks/latest/userguide/awssupport-troubleshootsamlissues.md b/systems-manager-automation-runbooks/latest/userguide/awssupport-troubleshootsamlissues.md
index 404cbd320..703a01fce 100644
--- a//systems-manager-automation-runbooks/latest/userguide/awssupport-troubleshootsamlissues.md
+++ b//systems-manager-automation-runbooks/latest/userguide/awssupport-troubleshootsamlissues.md
@@ -9 +9 @@
-The **AWSSupport-TroubleshootSAMLIssues** automation runbook helps diagnose Security Assertion Markup Language (SAML) related issues by analyzing SAML response files stored in Amazon Simple Storage Service (Amazon S3). It performs comprehensive validation including schema verification, signature validation, audience restriction checking, and expiration time verification. The runbook decodes and extracts key SAML elements including issuer, assertions, subject, conditions, signatures, and attributes from the SAML response. For environments where SAML is used to access AWS resources (such as Amazon Connect or Amazon AppStream 2.0) through an IAM Identity Provider, it verifies whether the certificates in the SAML response signatures match the certificates configured in the IAM Identity Provider. 
+The **AWSSupport-TroubleshootSAMLIssues** automation runbook helps diagnose Security Assertion Markup Language (SAML) related issues by analyzing SAML response files stored in Amazon Simple Storage Service (Amazon S3). It performs comprehensive validation including schema verification, signature validation, audience restriction checking, and expiration time verification. The runbook decodes and extracts key SAML elements including issuer, assertions, subject, conditions, signatures, and attributes from the SAML response. For environments where SAML is used to access AWS resources (such as Amazon Connect or Amazon WorkSpaces Applications) through an IAM Identity Provider, it verifies whether the certificates in the SAML response signatures match the certificates configured in the IAM Identity Provider.