AWS AmazonCloudWatch high security documentation change
Summary
Added new rate limits for PutBearerTokenAuthentication API calls
Security assessment
Introducing throttle limits on bearer token authentication API suggests added protection against credential stuffing/brute force attacks - a security control measure.
Diff
diff --git a/AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md b/AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md index 4e973cb97..a3c20e9db 100644 --- a//AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md +++ b//AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.md @@ -64,0 +65,2 @@ Metrics filters per log group | Each supported Region: 100 | No | The number of +PutBearerTokenAuthentication throttle limit in transactions per second | Each supported Region: 5 | No | The maximum number of put-bearer-token-authentication calls per second per account/per region +PutBearerTokenAuthentication throttle limit in transactions per second in a burst | Each supported Region: 10 | No | The maximum number of put-bearer-token-authentication calls per second per account/per region in a burst