AWS cli documentation change
Summary
Added documentation for TOKEN_EXCHANGED event type and detailed structure definitions for token exchange functionality
Security assessment
The change documents security-relevant token exchange mechanics including capabilities, attributes with sensitivity warnings, and expiration times. While it adds security feature documentation, there's no evidence of addressing an existing vulnerability.
Diff
diff --git a/cli/latest/reference/ivs-realtime/list-participant-events.md b/cli/latest/reference/ivs-realtime/list-participant-events.md index 5666375a8..942ad489f 100644 --- a//cli/latest/reference/ivs-realtime/list-participant-events.md +++ b//cli/latest/reference/ivs-realtime/list-participant-events.md @@ -15 +15 @@ - * [AWS CLI 2.32.11 Command Reference](../../index.html) » + * [AWS CLI 2.32.13 Command Reference](../../index.html) » @@ -385,0 +386 @@ events -> (list) +>>> * `TOKEN_EXCHANGED` @@ -483,0 +485,94 @@ events -> (list) +>> +>> previousToken -> (structure) +>> +>>> Source participant token for `TOKEN_EXCHANGED` event. +>>> +>>> capabilities -> (list) +>>> +>>>> Set of capabilities that the user is allowed to perform in the stage. +>>>> +>>>> Constraints: +>>>> +>>>> * min: `0` +>>>> * max: `2` +>>>> + +>>>> +>>>> (string) +>>>> +>>>>> Possible values: +>>>>> +>>>>> * `PUBLISH` +>>>>> * `SUBSCRIBE` +>>>>> + +>>> +>>> attributes -> (map) +>>> +>>>> Application-provided attributes to encode into the token and attach to a stage. Map keys and values can contain UTF-8 encoded text. The maximum length of this field is 1 KB total. _This field is exposed to all stage participants and should not be used for personally identifying, confidential, or sensitive information._ +>>>> +>>>> key -> (string) +>>>> +>>>> value -> (string) +>>> +>>> userId -> (string) +>>> +>>>> Customer-assigned name to help identify the token; this can be used to link a participant to a user in the customer’s own systems. This can be any UTF-8 encoded text. _This field is exposed to all stage participants and should not be used for personally identifying, confidential, or sensitive information._ +>>>> +>>>> Constraints: +>>>> +>>>> * min: `0` +>>>> * max: `128` +>>>> + +>>> +>>> expirationTime -> (timestamp) +>>> +>>>> ISO 8601 timestamp (returned as a string) for when this token expires. +>> +>> newToken -> (structure) +>> +>>> Participant token created during `TOKEN_EXCHANGED` event. +>>> +>>> capabilities -> (list) +>>> +>>>> Set of capabilities that the user is allowed to perform in the stage. +>>>> +>>>> Constraints: +>>>> +>>>> * min: `0` +>>>> * max: `2` +>>>> + +>>>> +>>>> (string) +>>>> +>>>>> Possible values: +>>>>> +>>>>> * `PUBLISH` +>>>>> * `SUBSCRIBE` +>>>>> + +>>> +>>> attributes -> (map) +>>> +>>>> Application-provided attributes to encode into the token and attach to a stage. Map keys and values can contain UTF-8 encoded text. The maximum length of this field is 1 KB total. _This field is exposed to all stage participants and should not be used for personally identifying, confidential, or sensitive information._ +>>>> +>>>> key -> (string) +>>>> +>>>> value -> (string) +>>> +>>> userId -> (string) +>>> +>>>> Customer-assigned name to help identify the token; this can be used to link a participant to a user in the customer’s own systems. This can be any UTF-8 encoded text. _This field is exposed to all stage participants and should not be used for personally identifying, confidential, or sensitive information._ +>>>> +>>>> Constraints: +>>>> +>>>> * min: `0` +>>>> * max: `128` +>>>> + +>>> +>>> expirationTime -> (timestamp) +>>> +>>>> ISO 8601 timestamp (returned as a string) for when this token expires. @@ -507 +602 @@ nextToken -> (string) - * [AWS CLI 2.32.11 Command Reference](../../index.html) » + * [AWS CLI 2.32.13 Command Reference](../../index.html) »