AWS Security ChangesHomeSearch

AWS ivs documentation change

Service: ivs · 2026-03-04 · Documentation medium

File: ivs/latest/LowLatencyAPIReference/API_BatchGetChannel.md

Summary

Added security-related HTTP response headers and error codes documentation

Security assessment

The change documents security headers like Content-Security-Policy and Strict-Transport-Security, which are security best practices. However, there is no explicit reference to resolving a specific security vulnerability. The additions appear to be standard security feature documentation for API responses rather than addressing a disclosed weakness.

Diff

diff --git a/ivs/latest/LowLatencyAPIReference/API_BatchGetChannel.md b/ivs/latest/LowLatencyAPIReference/API_BatchGetChannel.md
index 912ba5ec8..a566da4d1 100644
--- a//ivs/latest/LowLatencyAPIReference/API_BatchGetChannel.md
+++ b//ivs/latest/LowLatencyAPIReference/API_BatchGetChannel.md
@@ -47,0 +48,7 @@ Required: Yes
+    Access-Control-Allow-Origin: accessControlAllowOrigin
+    Access-Control-Expose-Headers: accessControlExposeHeaders
+    Cache-Control: cacheControl
+    Content-Security-Policy: contentSecurityPolicy
+    Strict-Transport-Security: strictTransportSecurity
+    X-Content-Type-Options: xContentTypeOptions
+    X-Frame-Options: xFrameOptions
@@ -91,0 +99,23 @@ If the action is successful, the service sends back an HTTP 200 response.
+The response returns the following HTTP headers.
+
+**accessControlAllowOrigin **
+    
+
+**accessControlExposeHeaders **
+    
+
+**cacheControl **
+    
+
+**contentSecurityPolicy **
+    
+
+**strictTransportSecurity **
+    
+
+**xContentTypeOptions **
+    
+
+**xFrameOptions **
+    
+
@@ -109,0 +140,25 @@ For information about the errors that are common to all actions, see [Common Err
+**AccessDeniedException**
+    
+
+**exceptionMessage**
+    
+
+User does not have sufficient access to perform this action.
+
+HTTP Status Code: 403
+
+**ServiceUnavailable**
+    
+
+HTTP Status Code: 503
+
+**ValidationException**
+    
+
+**exceptionMessage**
+    
+
+The input fails to satisfy the constraints specified by an AWS service.
+
+HTTP Status Code: 400
+