AWS cognito documentation change
Summary
Updated billing documentation for M2M authorization to remove reference to billing based on number of app clients, and removed section advising deletion of unused client credentials app clients
Security assessment
This change updates cost tracking documentation to reflect current billing practices. While removing security advice about deleting unused app clients could have security implications if misinterpreted, the change itself is about billing structure, not addressing a security vulnerability.
Diff
diff --git a/cognito/latest/developerguide/tracking-cost.md b/cognito/latest/developerguide/tracking-cost.md index 7ba1af519..221da487e 100644 --- a//cognito/latest/developerguide/tracking-cost.md +++ b//cognito/latest/developerguide/tracking-cost.md @@ -17 +17 @@ Amazon Cognito charges for the following dimensions of your usage. - * Active user pool app clients and request volume for machine to machine (M2M) authorization with client credentials grants + * Request volume for machine to machine (M2M) authorization with client credentials grants @@ -72,4 +71,0 @@ To query the attributes of users in your user pool, use the [ListUsers](https:// -###### Delete unused client credentials app clients - -M2M authorization bills based on two factors: the rate of token requests and the number of app clients that do client credentials grants. When app clients for M2M authorization aren’t in use, delete them or remove their authorization to issue client credentials. For more information about managing app client configuration, see [Application-specific settings with app clients](./user-pool-settings-client-apps.html). -