AWS Security ChangesHomeSearch

AWS AmazonCloudWatch high security documentation change

Service: AmazonCloudWatch · 2026-03-22 · Security-related high

File: AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md

Summary

Added new rate limits for PutBearerTokenAuthentication API calls

Security assessment

Introducing throttle limits on bearer token authentication API suggests added protection against credential stuffing/brute force attacks - a security control measure.

Diff

diff --git a/AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md b/AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md
index 4e973cb97..a3c20e9db 100644
--- a//AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md
+++ b//AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md
@@ -64,0 +65,2 @@ Metrics filters per log group | Each supported Region: 100 | No | The number of
+PutBearerTokenAuthentication throttle limit in transactions per second | Each supported Region: 5 | No | The maximum number of put-bearer-token-authentication calls per second per account/per region  
+PutBearerTokenAuthentication throttle limit in transactions per second in a burst | Each supported Region: 10 | No | The maximum number of put-bearer-token-authentication calls per second per account/per region in a burst