AWS Security ChangesHomeSearch

AWS IAM documentation change

Service: IAM · 2025-11-22 · Documentation low

File: IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.md

Summary

Fixed URL formatting in CloudTrail documentation link

Security assessment

Change corrects a documentation URL but doesn't modify security-related content about MFA requirements or CloudTrail logging.

Diff

diff --git a/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.md b/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.md
index 80b3110d1..de9793809 100644
--- a//IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.md
+++ b//IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.md
@@ -113 +113 @@ The purpose of the `GetSessionToken` operation is to authenticate the user using
-AWS CloudTrail logs will contain MFA information when the IAM user sign in with MFA. If the IAM user assumes an IAM role, CloudTrail will also log `mfaAuthenticated: true` in the `sessionContext` attributes for actions performed using the assumed role. However, CloudTrail logging is separate from what IAM requires when API calls are made with the assumed role's credentials. For more information, see [CloudTrail userIdentity Element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html).
+AWS CloudTrail logs will contain MFA information when the IAM user sign in with MFA. If the IAM user assumes an IAM role, CloudTrail will also log `mfaAuthenticated: true` in the `sessionContext` attributes for actions performed using the assumed role. However, CloudTrail logging is separate from what IAM requires when API calls are made with the assumed role's credentials. For more information, see [CloudTrail userIdentity Element](https://docs.aws.amazon.com//awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html).