AWS iot documentation change
Summary
Updated documentation URLs to fix formatting by adding double slashes after domain in multiple links
Security assessment
The changes only modify URL formatting (adding extra slashes) without altering security-related content. While one section mentions confused deputy prevention, the actual security guidance remains unchanged - the edit only adjusts link syntax.
Diff
diff --git a/iot/latest/developerguide/provisioning-cert-provider.md b/iot/latest/developerguide/provisioning-cert-provider.md index 77db96d87..ee474f407 100644 --- a//iot/latest/developerguide/provisioning-cert-provider.md +++ b//iot/latest/developerguide/provisioning-cert-provider.md @@ -11 +11 @@ You can create an AWS IoT Core certificate provider to sign certificate signing -When you don't have a certificate provider with your AWS account, the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) is called in fleet provisioning to generate the certificate from a CSR. After you create a certificate provider, the behavior of the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) will change and all calls to this MQTT API will invoke the certificate provider to issue the certificate. +When you don't have a certificate provider with your AWS account, the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) is called in fleet provisioning to generate the certificate from a CSR. After you create a certificate provider, the behavior of the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) will change and all calls to this MQTT API will invoke the certificate provider to issue the certificate. @@ -17 +17 @@ With AWS IoT Core certificate provider, you can implement solutions that utilize -You can only create one certificate provider per AWS account. The signing behavior change applies to the entire fleet that calls the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) until you delete the certificate provider from your AWS account. +You can only create one certificate provider per AWS account. The signing behavior change applies to the entire fleet that calls the [CreateCertificateFromCsr MQTT API](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html#create-cert-csr) until you delete the certificate provider from your AWS account. @@ -40 +40 @@ You can only create one certificate provider per AWS account. The signing behavi -The following concepts provide details that can help you understand how self-managed certificate signing works in AWS IoT fleet provisioning. For more information, see [Provisioning devices that don't have device certificates using fleet provisioning](https://docs.aws.amazon.com/iot/latest/developerguide/provision-wo-cert.html). +The following concepts provide details that can help you understand how self-managed certificate signing works in AWS IoT fleet provisioning. For more information, see [Provisioning devices that don't have device certificates using fleet provisioning](https://docs.aws.amazon.com//iot/latest/developerguide/provision-wo-cert.html). @@ -50 +50 @@ With AWS IoT fleet provisioning (short for fleet provisioning), AWS IoT Core gen -In the process of fleet provisioning, a device makes a request to AWS IoT Core through the [fleet provisioning MQTT APIs](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html). This request includes a certificate signing request (CSR), which will be signed to create a client certificate. +In the process of fleet provisioning, a device makes a request to AWS IoT Core through the [fleet provisioning MQTT APIs](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html). This request includes a certificate signing request (CSR), which will be signed to create a client certificate. @@ -75 +75 @@ The following diagram is a simplified illustration of how self-certificate signi - * As part of the fleet provisioning process, the device makes a request to AWS IoT Core for client certificates through the [fleet provisioning MQTT APIs](https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html). This request includes a certificate signing request (CSR). + * As part of the fleet provisioning process, the device makes a request to AWS IoT Core for client certificates through the [fleet provisioning MQTT APIs](https://docs.aws.amazon.com//iot/latest/developerguide/fleet-provision-api.html). This request includes a certificate signing request (CSR). @@ -152 +152 @@ Before creating a certificate provider, you must create a Lambda function to sig - * The AWS IoT service principal must be granted the invoke permission to the Lambda function. To avoid [confused deputy issues](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html), we recommend that you set `sourceArn` and `sourceAccount` for the invoke permissions. For more information, see [Cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html). + * The AWS IoT service principal must be granted the invoke permission to the Lambda function. To avoid [confused deputy issues](https://docs.aws.amazon.com//IAM/latest/UserGuide/confused-deputy.html), we recommend that you set `sourceArn` and `sourceAccount` for the invoke permissions. For more information, see [Cross-service confused deputy prevention](https://docs.aws.amazon.com//iot/latest/developerguide/cross-service-confused-deputy-prevention.html). @@ -157 +157 @@ Before creating a certificate provider, you must create a Lambda function to sig -The following resource-based policy example for [Lambda](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html) grants AWS IoT the permission to invoke the Lambda function: +The following resource-based policy example for [Lambda](https://docs.aws.amazon.com//lambda/latest/dg/access-control-resource-based.html) grants AWS IoT the permission to invoke the Lambda function: @@ -212 +212 @@ The following shows an example output for this command: -For more information, see `[CreateCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateProvider.html)` from the _AWS IoT_ _API Reference_. +For more information, see `[CreateCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_CreateCertificateProvider.html)` from the _AWS IoT_ _API Reference_. @@ -216 +216 @@ To choose self-managed certificate signing using AWS Management Console, follow - 1. Go to the [AWS IoT console](https://console.aws.amazon.com/iot/home). + 1. Go to the [AWS IoT console](https://console.aws.amazon.com//iot/home). @@ -255 +255 @@ The following shows an example output for this command: -For more information, see `[CreateCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateProvider.html)` from the _AWS IoT_ _API Reference_. +For more information, see `[CreateCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_CreateCertificateProvider.html)` from the _AWS IoT_ _API Reference_. @@ -275 +275 @@ The following shows an example output for this command: -For more information, see `[UpdateCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCertificateProvider.html)` from the _AWS IoT_ _API Reference_. +For more information, see `[UpdateCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_UpdateCertificateProvider.html)` from the _AWS IoT_ _API Reference_. @@ -297 +297 @@ The following shows an example output for this command: -For more information, see `[DescribeCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCertificateProvider.html)` from the _AWS IoT_ _API Reference_. +For more information, see `[DescribeCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_DescribeCertificateProvider.html)` from the _AWS IoT_ _API Reference_. @@ -308 +308 @@ This command doesn't produce any output. -For more information, see `[DeleteCertificateProvider](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCertificateProvider.html)` from the _AWS IoT_ _API Reference_. +For more information, see `[DeleteCertificateProvider](https://docs.aws.amazon.com//iot/latest/apireference/API_DeleteCertificateProvider.html)` from the _AWS IoT_ _API Reference_. @@ -329 +329 @@ The following shows an example output for this command: -For more information, see [`ListCertificateProvider`](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificateProviders.html) from the _AWS IoT_ _API Reference_. +For more information, see [`ListCertificateProvider`](https://docs.aws.amazon.com//iot/latest/apireference/API_ListCertificateProviders.html) from the _AWS IoT_ _API Reference_.