AWS Security ChangesHomeSearch

AWS amazon-mq documentation change

Service: amazon-mq · 2026-01-07 · Documentation low

File: amazon-mq/latest/developer-guide/rabbitmq-basic-elements-plugins.md

Summary

Added HTTP plugin documentation including availability conditions (RabbitMQ v4+), authentication capabilities, and link to detailed guide.

Security assessment

Introduces documentation for a new security-related plugin (HTTP authentication backend) but doesn't address any specific security vulnerability.

Diff

diff --git a/amazon-mq/latest/developer-guide/rabbitmq-basic-elements-plugins.md b/amazon-mq/latest/developer-guide/rabbitmq-basic-elements-plugins.md
index a56750a8c..c16c75475 100644
--- a//amazon-mq/latest/developer-guide/rabbitmq-basic-elements-plugins.md
+++ b//amazon-mq/latest/developer-guide/rabbitmq-basic-elements-plugins.md
@@ -5 +5 @@
-RabbitMQ management pluginShovel pluginFederation pluginConsistent Hash exchange pluginOAuth 2.0 pluginLDAP pluginaws plugin
+RabbitMQ management pluginShovel pluginFederation pluginConsistent Hash exchange pluginOAuth 2.0 pluginLDAP pluginHTTP pluginaws plugin
@@ -22,0 +23,2 @@ Amazon MQ for RabbitMQ also supports the following plugins.
+  * HTTP plugin
+
@@ -101,0 +104,8 @@ Amazon MQ for RabbitMQ supports the [LDAP authentication backend plugin](https:/
+## HTTP plugin
+
+Amazon MQ for RabbitMQ supports the [HTTP authentication backend plugin](https://github.com/rabbitmq/rabbitmq-auth-backend-http). This plugin is conditionally enabled based on your broker configuration. When enabled, this plugin provides HTTP authentication and authorization with integration to external HTTP servers for centralized user authentication and authorization. For more information about HTTP authentication, see [HTTP authentication and authorization](./http-for-amq-for-rabbitmq.html).
+
+###### Note
+
+The HTTP authentication plugin is only available for Amazon MQ for RabbitMQ version 4 and above.
+
@@ -112 +122 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-OAuth 2.0 authentication and authorization
+HTTP authentication and authorization