AWS elasticloadbalancing documentation change
Summary
Expanded JWKS endpoint troubleshooting details with specific validation failure scenarios
Security assessment
Provides clearer guidance for debugging JWT validation issues but doesn't address specific security vulnerabilities. Strengthens operational security through better diagnostics.
Diff
diff --git a/elasticloadbalancing/latest/application/load-balancer-troubleshooting.md b/elasticloadbalancing/latest/application/load-balancer-troubleshooting.md index 78ad639af..391de0b90 100644 --- a//elasticloadbalancing/latest/application/load-balancer-troubleshooting.md +++ b//elasticloadbalancing/latest/application/load-balancer-troubleshooting.md @@ -410 +410,18 @@ You configured a listener rule to authenticate users, but the IdP returned an er -The load balancer failed to receive a successful response from the JWKS (JSON Web Key Set) endpoint. A successful response should have a status code in the 200-299 range, but a different status code was received instead. +The load balancer failed to receive a successful and valid response from the JWKS (JSON Web Key Set) endpoint. A successful response should have a status code in the 200-299 range, but a different status code was received instead. A valid response should not have the following issue: + + * Non-JSON format + + * Invalid characters + + * Invalid JWKS format + + * Missing/invalid mandatory JWKS attributes + + * Public key has unsupported algorithm + + * the public key could not be converted to a decoding key + + * public key size was not 2K + + +