AWS singlesignon low security documentation change
Summary
Added error reason documentation for KMS-related access issues in DeleteGroup API errors
Security assessment
Added specific error reasons related to Customer Managed KMS key access failures. This documents security-related error handling for encryption key management, which is a security feature. However, there's no evidence of addressing a specific vulnerability.
Diff
diff --git a/singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroup.md b/singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroup.md index d6cb54274..1156242e5 100644 --- a//singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroup.md +++ b//singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroup.md @@ -8,0 +9,2 @@ Request SyntaxRequest ParametersResponse ElementsErrorsExamplesSee Also +Delete a group within an identity store given `GroupId`. + @@ -61,0 +64,5 @@ You do not have sufficient access to perform this action. +**Reason** + + +Indicates the reason for an access denial when returned by KMS while accessing a Customer Managed KMS key. For non-KMS access-denied errors, this field is not included. + @@ -121,0 +129,5 @@ Indicates that a requested resource is not found. +**Reason** + + +Indicates the reason for a resource not found error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. + @@ -143,0 +156,5 @@ Indicates that the principal has crossed the throttling limits of the API operat +**Reason** + + +Indicates the reason for the throttling error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. + @@ -160,0 +178,5 @@ The request failed because it contains a syntax error. +**Reason** + + +Indicates the reason for the validation error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. +