AWS singlesignon documentation change
Summary
Added KMS-related error reason documentation for access denial, resource not found, throttling, and validation errors
Security assessment
The changes document how KMS-related errors are reported when using Customer Managed Keys, improving transparency about security-related error handling. This clarifies security feature behavior but does not address a specific vulnerability.
Diff
diff --git a/singlesignon/latest/IdentityStoreAPIReference/API_CreateGroup.md b/singlesignon/latest/IdentityStoreAPIReference/API_CreateGroup.md index 35d87ca8c..7c316de67 100644 --- a//singlesignon/latest/IdentityStoreAPIReference/API_CreateGroup.md +++ b//singlesignon/latest/IdentityStoreAPIReference/API_CreateGroup.md @@ -8,0 +9,2 @@ Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsExamplesSe +Creates a group within the specified identity store. + @@ -107,0 +110,5 @@ You do not have sufficient access to perform this action. +**Reason** + + +Indicates the reason for an access denial when returned by KMS while accessing a Customer Managed KMS key. For non-KMS access-denied errors, this field is not included. + @@ -167,0 +175,5 @@ Indicates that a requested resource is not found. +**Reason** + + +Indicates the reason for a resource not found error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. + @@ -201,0 +214,5 @@ Indicates that the principal has crossed the throttling limits of the API operat +**Reason** + + +Indicates the reason for the throttling error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. + @@ -218,0 +236,5 @@ The request failed because it contains a syntax error. +**Reason** + + +Indicates the reason for the validation error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. +