AWS Security ChangesHomeSearch

AWS iot documentation change

Service: iot · 2025-11-22 · Documentation low

File: iot/latest/developerguide/provisioning-cert-provider.md

Summary

Updated documentation URLs to fix formatting by adding double slashes after domain in multiple links

Security assessment

The changes only modify URL formatting (adding extra slashes) without altering security-related content. While one section mentions confused deputy prevention, the actual security guidance remains unchanged - the edit only adjusts link syntax.

Diff

diff --git a/iot/latest/developerguide/provisioning-cert-provider.md b/iot/latest/developerguide/provisioning-cert-provider.md
index 77db96d87..ee474f407 100644
--- a//iot/latest/developerguide/provisioning-cert-provider.md
+++ b//iot/latest/developerguide/provisioning-cert-provider.md
@@ -11 +11 @@ You can create an AWS IoT Core certificate provider to sign certificate signing
-When you don't have a certificate provider with your AWS account, the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) is called in fleet provisioning to generate the certificate from a CSR. After you create a certificate provider, the behavior of the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) will change and all calls to this MQTT API will invoke the certificate provider to issue the certificate.
+When you don't have a certificate provider with your AWS account, the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) is called in fleet provisioning to generate the certificate from a CSR. After you create a certificate provider, the behavior of the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) will change and all calls to this MQTT API will invoke the certificate provider to issue the certificate.
@@ -17 +17 @@ With AWS IoT Core certificate provider, you can implement solutions that utilize
-You can only create one certificate provider per AWS account. The signing behavior change applies to the entire fleet that calls the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) until you delete the certificate provider from your AWS account.
+You can only create one certificate provider per AWS account. The signing behavior change applies to the entire fleet that calls the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) until you delete the certificate provider from your AWS account.
@@ -40 +40 @@ You can only create one certificate provider per AWS account. The signing behavi
-The following concepts provide details that can help you understand how self-managed certificate signing works in AWS IoT fleet provisioning. For more information, see [Provisioning devices that don't have device certificates using fleet provisioning](https://docs.aws.amazon.com/iot/latest/developerguide/provision-wo-cert.html).
+The following concepts provide details that can help you understand how self-managed certificate signing works in AWS IoT fleet provisioning. For more information, see [Provisioning devices that don't have device certificates using fleet provisioning](https://docs.aws.amazon.com//iot/latest/developerguide/provision-wo-cert.html).
@@ -50 +50 @@ With AWS IoT fleet provisioning (short for fleet provisioning), AWS IoT Core gen
-In the process of fleet provisioning, a device makes a request to AWS IoT Core through the [fleet provisioning MQTT APIs](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html). This request includes a certificate signing request (CSR), which will be signed to create a client certificate. 
+In the process of fleet provisioning, a device makes a request to AWS IoT Core through the [fleet provisioning MQTT APIs](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html). This request includes a certificate signing request (CSR), which will be signed to create a client certificate. 
@@ -75 +75 @@ The following diagram is a simplified illustration of how self-certificate signi
-  * As part of the fleet provisioning process, the device makes a request to AWS IoT Core for client certificates through the [fleet provisioning MQTT APIs](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html). This request includes a certificate signing request (CSR).
+  * As part of the fleet provisioning process, the device makes a request to AWS IoT Core for client certificates through the [fleet provisioning MQTT APIs](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html). This request includes a certificate signing request (CSR).
@@ -152 +152 @@ Before creating a certificate provider, you must create a Lambda function to sig
-  * The AWS IoT service principal must be granted the invoke permission to the Lambda function. To avoid [confused deputy issues](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html), we recommend that you set `sourceArn` and `sourceAccount` for the invoke permissions. For more information, see [Cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html).
+  * The AWS IoT service principal must be granted the invoke permission to the Lambda function. To avoid [confused deputy issues](https://docs.aws.amazon.com//IAM/latest/UserGuide/confused-deputy.html), we recommend that you set `sourceArn` and `sourceAccount` for the invoke permissions. For more information, see [Cross-service confused deputy prevention](https://docs.aws.amazon.com//iot/latest/developerguide/cross-service-confused-deputy-prevention.html).
@@ -157 +157 @@ Before creating a certificate provider, you must create a Lambda function to sig
-The following resource-based policy example for [Lambda](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html) grants AWS IoT the permission to invoke the Lambda function:
+The following resource-based policy example for [Lambda](https://docs.aws.amazon.com//lambda/latest/dg/access-control-resource-based.html) grants AWS IoT the permission to invoke the Lambda function:
@@ -212 +212 @@ The following shows an example output for this command:
-For more information, see `[CreateCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
+For more information, see `[CreateCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_CreateCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
@@ -216 +216 @@ To choose self-managed certificate signing using AWS Management Console, follow
-  1. Go to the [AWS IoT console](https://console.aws.amazon.com/iot/home).
+  1. Go to the [AWS IoT console](https://console.aws.amazon.com//iot/home).
@@ -255 +255 @@ The following shows an example output for this command:
-For more information, see `[CreateCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
+For more information, see `[CreateCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_CreateCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
@@ -275 +275 @@ The following shows an example output for this command:
-For more information, see `[UpdateCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
+For more information, see `[UpdateCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_UpdateCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
@@ -297 +297 @@ The following shows an example output for this command:
-For more information, see `[DescribeCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
+For more information, see `[DescribeCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_DescribeCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
@@ -308 +308 @@ This command doesn't produce any output.
-For more information, see `[DeleteCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
+For more information, see `[DeleteCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_DeleteCertificateProvider.html)` from the _AWS IoT_ _API Reference_.
@@ -329 +329 @@ The following shows an example output for this command:
-For more information, see [`ListCertificateProvider`](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificateProviders.html) from the _AWS IoT_ _API Reference_.
+For more information, see [`ListCertificateProvider`](https://docs.aws.amazon.com//iot/latest/apireference/API_ListCertificateProviders.html) from the _AWS IoT_ _API Reference_.