AWS cli documentation change
Summary
Added CONTENT_REDIRECTION as an updatable attribute and documented the ContentRedirection structure in the output, similar to describe-stacks
Security assessment
This change allows updating the ContentRedirection settings, which is a security feature that controls URL redirection. It enables administrators to manage allowed and denied URL patterns for redirection, enhancing security by restricting potentially malicious redirects. No evidence of a specific security issue being fixed.
Diff
diff --git a/cli/latest/reference/appstream/update-stack.md b/cli/latest/reference/appstream/update-stack.md index 020ba6ac8..a52bce59c 100644 --- a//cli/latest/reference/appstream/update-stack.md +++ b//cli/latest/reference/appstream/update-stack.md @@ -15 +15 @@ - * [AWS CLI 2.34.19 Command Reference](../../index.html) » + * [AWS CLI 2.34.20 Command Reference](../../index.html) » @@ -271,0 +272 @@ JSON Syntax: +>> * `CONTENT_REDIRECTION` @@ -928,0 +930,58 @@ Stack -> (structure) +> +> ContentRedirection -> (structure) +> +>> Configuration for bidirectional URL redirection between the streaming session and the local client. Use HostToClient to redirect URLs from the remote desktop to the local browser. +>> +>> HostToClient -> (structure) +>> +>>> Configuration for redirecting URLs from the remote desktop to the local client browser. +>>> +>>> Enabled -> (boolean) [required] +>>> +>>>> Whether URL redirection is enabled for this direction. +>>> +>>> AllowedUrls -> (list) +>>> +>>>> List of URL patterns that are allowed to be redirected. URLs matching these patterns will be redirected unless they also match a pattern in the denied list. +>>>> +>>>> Constraints: +>>>> +>>>> * min: `0` +>>>> * max: `100` +>>>> + +>>>> +>>>> (string) +>>>> +>>>>> A glob pattern using wildcards (* for zero or more characters, ? for exactly one character) to match URLs for redirection rules. Patterns do not include a protocol prefix; HTTPS is enforced automatically. Valid examples: _, *.example.com, github.com/myorg/_ , api?.example.com Invalid examples: <https://example.com> (no protocol), empty string +>>>>> +>>>>> Constraints: +>>>>> +>>>>> * min: `1` +>>>>> * max: `2048` +>>>>> * pattern: `^(\*|https?://[^\s,;]+)$` +>>>>> + +>>> +>>> DeniedUrls -> (list) +>>> +>>>> List of URL patterns that are denied from redirection. This list takes precedence over the allowed list. +>>>> +>>>> Constraints: +>>>> +>>>> * min: `0` +>>>> * max: `100` +>>>> + +>>>> +>>>> (string) +>>>> +>>>>> A glob pattern using wildcards (* for zero or more characters, ? for exactly one character) to match URLs for redirection rules. Patterns do not include a protocol prefix; HTTPS is enforced automatically. Valid examples: _, *.example.com, github.com/myorg/_ , api?.example.com Invalid examples: <https://example.com> (no protocol), empty string +>>>>> +>>>>> Constraints: +>>>>> +>>>>> * min: `1` +>>>>> * max: `2048` +>>>>> * pattern: `^(\*|https?://[^\s,;]+)$` +>>>>> + @@ -940 +999 @@ Stack -> (structure) - * [AWS CLI 2.34.19 Command Reference](../../index.html) » + * [AWS CLI 2.34.20 Command Reference](../../index.html) »