AWS singlesignon documentation change
Summary
Updated error documentation with more detailed descriptions, corrected HTTP status codes, and added new error types including ExpiredTokenException, UnknownOperationException, and UnrecognizedClientException.
Security assessment
The changes improve documentation for security-related error conditions (like AccessDeniedException, ExpiredTokenException, InvalidSignatureException, and UnrecognizedClientException) by providing more detailed explanations and correct HTTP status codes, but there is no evidence of a specific security vulnerability being addressed.
Diff
diff --git a/singlesignon/latest/IdentityStoreAPIReference/CommonErrors.md b/singlesignon/latest/IdentityStoreAPIReference/CommonErrors.md index 9b70d1c5f..1f12246b8 100644 --- a//singlesignon/latest/IdentityStoreAPIReference/CommonErrors.md +++ b//singlesignon/latest/IdentityStoreAPIReference/CommonErrors.md @@ -5 +5 @@ -# Common Errors +# Common Error Types @@ -7 +7 @@ -This section lists the errors common to the API actions of all AWS services. For errors specific to an API action for this service, see the topic for that API action. +This section lists common error types that this AWS service may return. Not all services return all error types listed here. For errors specific to an API action for this service, see the topic for that API action. @@ -12 +12 @@ This section lists the errors common to the API actions of all AWS services. For -You do not have sufficient access to perform this action. +You don't have permission to perform this action. Verify that your IAM policy includes the required permissions. @@ -14 +14,8 @@ You do not have sufficient access to perform this action. -HTTP Status Code: 400 +HTTP Status Code: 403 + +**ExpiredTokenException** + + +The security token included in the request has expired. Request a new security token and try again. + +HTTP Status Code: 403 @@ -19 +26 @@ HTTP Status Code: 400 -The request signature does not conform to AWS standards. +The request signature doesn't conform to AWS standards. Verify that you're using valid AWS credentials and that your request is properly formatted. If you're using an SDK, ensure it's up to date. @@ -21 +28 @@ The request signature does not conform to AWS standards. -HTTP Status Code: 400 +HTTP Status Code: 403 @@ -26 +33 @@ HTTP Status Code: 400 -The request processing has failed because of an unknown error, exception or failure. +The request can't be processed right now because of an internal server issue. Try again later. If the problem persists, contact AWS Support. @@ -30 +37 @@ HTTP Status Code: 500 -**InvalidAction** +**MalformedHttpRequestException** @@ -33 +40 @@ HTTP Status Code: 500 -The action or operation requested is invalid. Verify that the action is typed correctly. +The request body can't be processed. This typically happens when the request body can't be decompressed using the specified content encoding algorithm. Verify that the content encoding header matches the compression format used. @@ -37 +44,8 @@ HTTP Status Code: 400 -**InvalidClientTokenId** +**NotAuthorized** + + +You don't have permissions to perform this action. Verify that your IAM policy includes the required permissions. + +HTTP Status Code: 401 + +**OptInRequired** @@ -40 +54 @@ HTTP Status Code: 400 -The X.509 certificate or AWS access key ID provided does not exist in our records. +Your AWS account needs a subscription for this service. Verify that you've enabled the service in your account. @@ -44 +58 @@ HTTP Status Code: 403 -**NotAuthorized** +**RequestAbortedException** @@ -47 +61 @@ HTTP Status Code: 403 -You do not have permission to perform this action. +The request was aborted before a response could be returned. This typically happens when the client closes the connection. @@ -51 +65 @@ HTTP Status Code: 400 -**OptInRequired** +**RequestEntityTooLargeException** @@ -54 +68 @@ HTTP Status Code: 400 -The AWS access key ID needs a subscription for the service. +The request entity is too large. Reduce the size of the request body and try again. @@ -56 +70 @@ The AWS access key ID needs a subscription for the service. -HTTP Status Code: 403 +HTTP Status Code: 413 @@ -58 +72 @@ HTTP Status Code: 403 -**RequestExpired** +**RequestTimeoutException** @@ -61 +75 @@ HTTP Status Code: 403 -The request reached the service more than 15 minutes after the date stamp on the request or more than 15 minutes after the request expiration date (such as for pre-signed URLs), or the date stamp on the request is more than 15 minutes in the future. +The request timed out. The server didn't receive the complete request within the expected time frame. Try again. @@ -63 +77 @@ The request reached the service more than 15 minutes after the date stamp on the -HTTP Status Code: 400 +HTTP Status Code: 408 @@ -68 +82 @@ HTTP Status Code: 400 -The request has failed due to a temporary failure of the server. +The service is temporarily unavailable. Try again later. @@ -75 +89 @@ HTTP Status Code: 503 -The request was denied due to request throttling. +Your request rate is too high. The AWS SDKs automatically retry requests that receive this exception. Reduce the frequency of requests. @@ -78,0 +93,14 @@ HTTP Status Code: 400 +**UnknownOperationException** + + +The action or operation isn't recognized. Verify that the action name is spelled correctly and that it's supported by the API version you're using. + +HTTP Status Code: 404 + +**UnrecognizedClientException** + + +The X.509 certificate or AWS access key ID you provided doesn't exist in our records. Verify that you're using valid credentials and that they haven't expired. + +HTTP Status Code: 403 + @@ -82 +110 @@ HTTP Status Code: 400 -The input fails to satisfy the constraints specified by an AWS service. +The input doesn't meet the required format or constraints. Check that all required parameters are included and that values are valid.