AWS cli documentation change
Summary
Added new 'web-content-filtering-policy' parameter with URL/category-based content filtering controls and made 'browser-policy' optional
Security assessment
The change introduces documentation for a web content filtering policy that blocks access to security-sensitive categories (e.g., Hacking, IllegalDrugs, Weapons) and controls URL access. This is a security feature addition rather than a vulnerability fix.
Diff
diff --git a/cli/latest/reference/workspaces-web/create-browser-settings.md b/cli/latest/reference/workspaces-web/create-browser-settings.md index 533f25991..0068a9647 100644 --- a//cli/latest/reference/workspaces-web/create-browser-settings.md +++ b//cli/latest/reference/workspaces-web/create-browser-settings.md @@ -15 +15 @@ - * [AWS CLI 2.31.35 Command Reference](../../index.html) » + * [AWS CLI 2.31.37 Command Reference](../../index.html) » @@ -70 +70 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/worksp - --browser-policy <value> + [--browser-policy <value>] @@ -71,0 +72 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/worksp + [--web-content-filtering-policy <value>] @@ -202 +203 @@ JSON Syntax: -`--browser-policy` (string) [required] +`--browser-policy` (string) @@ -226,0 +228,103 @@ JSON Syntax: +`--web-content-filtering-policy` (structure) + +> The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security. +> +> blockedCategories -> (list) +> +>> Categories of websites that are blocked on the end user’s browsers. +>> +>> Constraints: +>> +>> * min: `1` +>> * max: `100` +>> + +>> +>> (string) +>> +>>> Possible values: +>>> +>>> * `Cults` +>>> * `Gambling` +>>> * `Nudity` +>>> * `Pornography` +>>> * `SexEducation` +>>> * `Tasteless` +>>> * `Violence` +>>> * `DownloadSites` +>>> * `ImageSharing` +>>> * `PeerToPeer` +>>> * `StreamingMediaAndDownloads` +>>> * `GenerativeAI` +>>> * `CriminalActivity` +>>> * `Hacking` +>>> * `HateAndIntolerance` +>>> * `IllegalDrug` +>>> * `IllegalSoftware` +>>> * `SchoolCheating` +>>> * `SelfHarm` +>>> * `Weapons` +>>> * `Chat` +>>> * `Games` +>>> * `InstantMessaging` +>>> * `ProfessionalNetwork` +>>> * `SocialNetworking` +>>> * `WebBasedEmail` +>>> * `ParkedDomains` +>>> + +> +> allowedUrls -> (list) +> +>> URLs and domains that are always accessible to end users. +>> +>> Constraints: +>> +>> * min: `1` +>> * max: `1000` +>> + +>> +>> (string) +>> +>>> Constraints: +>>> +>>> * pattern: `((([a-zA-Z][a-zA-Z0-9+.-]*):\/\/(\*|[\w%._\-\+~#=@]+)?(\/[^@\s]*)?(?:\?([^*\s]+(?:\*?)))?)|(\*|[\w%._\-\+~#=@]+\.[\w%._\-\+~#=@]+)(?::(\d{1,5}))?(\/[^@\s]*)?(?:\?([^*\s]+(?:\*?)))?|(([a-zA-Z][a-zA-Z0-9+.-]*):(\/\/)?\*))` +>>> + +> +> blockedUrls -> (list) +> +>> URLs and domains that end users cannot access. +>> +>> Constraints: +>> +>> * min: `1` +>> * max: `1000` +>> + +>> +>> (string) +>> +>>> Constraints: +>>> +>>> * pattern: `((([a-zA-Z][a-zA-Z0-9+.-]*):\/\/(\*|[\w%._\-\+~#=@]+)?(\/[^@\s]*)?(?:\?([^*\s]+(?:\*?)))?)|(\*|[\w%._\-\+~#=@]+\.[\w%._\-\+~#=@]+)(?::(\d{1,5}))?(\/[^@\s]*)?(?:\?([^*\s]+(?:\*?)))?|(([a-zA-Z][a-zA-Z0-9+.-]*):(\/\/)?\*))` +>>> + + +Shorthand Syntax: + + + blockedCategories=string,string,allowedUrls=string,string,blockedUrls=string,string + + +JSON Syntax: + + + { + "blockedCategories": ["Cults"|"Gambling"|"Nudity"|"Pornography"|"SexEducation"|"Tasteless"|"Violence"|"DownloadSites"|"ImageSharing"|"PeerToPeer"|"StreamingMediaAndDownloads"|"GenerativeAI"|"CriminalActivity"|"Hacking"|"HateAndIntolerance"|"IllegalDrug"|"IllegalSoftware"|"SchoolCheating"|"SelfHarm"|"Weapons"|"Chat"|"Games"|"InstantMessaging"|"ProfessionalNetwork"|"SocialNetworking"|"WebBasedEmail"|"ParkedDomains", ...], + "allowedUrls": ["string", ...], + "blockedUrls": ["string", ...] + } + + @@ -348 +452 @@ browserSettingsArn -> (string) - * [AWS CLI 2.31.35 Command Reference](../../index.html) » + * [AWS CLI 2.31.37 Command Reference](../../index.html) »