AWS cli documentation change
Summary
Added note about IAM Identity Center managed roles incompatibility and updated CLI version
Security assessment
The added note clarifies security-related behavior (incompatibility with specific roles) but does not address a specific vulnerability. It improves documentation about secure role assumption limitations.
Diff
diff --git a/cli/latest/reference/sts/assume-role-with-saml.md b/cli/latest/reference/sts/assume-role-with-saml.md index 73835a9c1..6d6db9b15 100644 --- a//cli/latest/reference/sts/assume-role-with-saml.md +++ b//cli/latest/reference/sts/assume-role-with-saml.md @@ -15 +15 @@ - * [AWS CLI 2.31.32 Command Reference](../../index.html) » + * [AWS CLI 2.31.35 Command Reference](../../index.html) » @@ -64 +64,5 @@ The temporary security credentials returned by this operation consist of an acce -> **Session Duration** +### Note + +> AssumeRoleWithSAML will not work on IAM Identity Center managed roles. These roles’ names start with `AWSReservedSSO_` . + +**Session Duration** @@ -543 +547 @@ SourceIdentity -> (string) - * [AWS CLI 2.31.32 Command Reference](../../index.html) » + * [AWS CLI 2.31.35 Command Reference](../../index.html) »