AWS quicksuite high security documentation change
Summary
Added security guidelines for session tag implementation
Security assessment
Added concrete security controls: treating tags as credentials, server-side enforcement, protection against enumeration. Directly addresses potential security vulnerabilities in session tag implementation.
Diff
diff --git a/quicksuite/latest/userguide/quicksight-dev-rls-tags.md b/quicksuite/latest/userguide/quicksight-dev-rls-tags.md index b6706fd13..d471627fa 100644 --- a//quicksuite/latest/userguide/quicksight-dev-rls-tags.md +++ b//quicksuite/latest/userguide/quicksight-dev-rls-tags.md @@ -127 +127,12 @@ Alternatively, you can configure and enable tag-based row-level security on your -Make this API call only from your secure, trusted environment. A secure, trusted environment has access controls that you implement. These controls ensure that only your server or authorized users can add or modify session tags. +When configuring session tags in the API call, + + * Treat session tags as security credentials. Do not expose session tags to end users or client-side code. + + * Implement server-side controls. Ensure that session tags are set exclusively by your trusted backend services, not by parameters that end users can modify. + + * Protect session tags from enumeration. Ensure that users in one tenant cannot discover or guess sessionTag values belonging to other tenants. + + * Review your architecture. If downstream customers or partners are allowed to call the API directly, evaluate whether those parties could specify sessionTag values for tenants they should not access. + + + @@ -279 +290,12 @@ You can use tags for RLS only for anonymous embedding. You can set values for ta -Make this API call only from your secure, trusted environment. A secure, trusted environment has access controls that you implement. These controls ensure that only your server or authorized users can add or modify session tags. +When configuring session tags in the API call, + + * Treat session tags as security credentials. Do not expose session tags to end users or client-side code. + + * Implement server-side controls. Ensure that session tags are set exclusively by your trusted backend services, not by parameters that end users can modify. + + * Protect session tags from enumeration. Ensure that users in one tenant cannot discover or guess sessionTag values belonging to other tenants. + + * Review your architecture. If downstream customers or partners are allowed to call the API directly, evaluate whether those parties could specify sessionTag values for tenants they should not access. + + +