AWS singlesignon documentation change
Summary
Added documentation about member account access, new response fields (CreatedAt, CreatedBy, UpdatedAt, UpdatedBy), and KMS-related error reason explanations
Security assessment
Similar to the first file, this adds security-related documentation about access controls and KMS error handling without addressing specific vulnerabilities. The changes enhance clarity around security features like audit trails (via timestamp fields) and encryption key management dependencies.
Diff
diff --git a/singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMembershipsForMember.md b/singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMembershipsForMember.md index de9ab0600..d640ebab3 100644 --- a//singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMembershipsForMember.md +++ b//singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMembershipsForMember.md @@ -8,0 +9,6 @@ Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsExamplesSe +For the specified member in the specified identity store, returns the list of all ` GroupMembership` objects and returns results in paginated form. + +###### Note + +If you have access to a member account, you can use this API operation from the member account. For more information, see [Limiting access to the identity store from member accounts](https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-accounts.html#limiting-access-from-member-accounts) in the _AWS IAM Identity Center User Guide_. + @@ -78,0 +85,2 @@ Required: No + "[CreatedAt](./API_GroupMembership.html#singlesignon-Type-GroupMembership-CreatedAt)": **_number_** , + "[CreatedBy](./API_GroupMembership.html#singlesignon-Type-GroupMembership-CreatedBy)": "**_string_** ", @@ -82 +90,3 @@ Required: No - "[MembershipId](./API_GroupMembership.html#singlesignon-Type-GroupMembership-MembershipId)": "**_string_** " + "[MembershipId](./API_GroupMembership.html#singlesignon-Type-GroupMembership-MembershipId)": "**_string_** ", + "[UpdatedAt](./API_GroupMembership.html#singlesignon-Type-GroupMembership-UpdatedAt)": **_number_** , + "[UpdatedBy](./API_GroupMembership.html#singlesignon-Type-GroupMembership-UpdatedBy)": "**_string_** " @@ -120,0 +131,5 @@ You do not have sufficient access to perform this action. +**Reason** + + +Indicates the reason for an access denial when returned by KMS while accessing a Customer Managed KMS key. For non-KMS access-denied errors, this field is not included. + @@ -149,0 +165,5 @@ Indicates that a requested resource is not found. +**Reason** + + +Indicates the reason for a resource not found error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. + @@ -171,0 +192,5 @@ Indicates that the principal has crossed the throttling limits of the API operat +**Reason** + + +Indicates the reason for the throttling error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. + @@ -188,0 +214,5 @@ The request failed because it contains a syntax error. +**Reason** + + +Indicates the reason for the validation error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included. +