AWS Security ChangesHomeSearch

AWS elasticloadbalancing documentation change

Service: elasticloadbalancing · 2026-01-10 · Documentation low

File: elasticloadbalancing/latest/application/listener-verify-jwt.md

Summary

Added explicit note that only RS256 algorithm is supported for JWT verification.

Security assessment

Documents a technical limitation (algorithm support) that could prevent misconfiguration. RS256 is a security-relevant detail but doesn't address a specific vulnerability.

Diff

diff --git a/elasticloadbalancing/latest/application/listener-verify-jwt.md b/elasticloadbalancing/latest/application/listener-verify-jwt.md
index ba843695a..6e9d5b1dc 100644
--- a//elasticloadbalancing/latest/application/listener-verify-jwt.md
+++ b//elasticloadbalancing/latest/application/listener-verify-jwt.md
@@ -34 +34 @@ Complete the following tasks:
-  4. Include the JWT in a request header, and forward it to the Application Load Balancer in every request.
+  4. Include the JWT in a request header, and forward it to the Application Load Balancer in every request. Note: Only the RS256 algorithm is supported