AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-04-10 · Documentation medium

File: cli/latest/reference/rtbfabric/create-responder-gateway.md

Summary

Added new --listener-config and --gateway-type parameters with detailed constraints, updated domain pattern validation, and added new output fields for responder gateway creation

Security assessment

The changes add security-related documentation including: 1) Listener configuration supporting HTTPS protocol for secure connections, 2) Input validation constraints (min/max lengths, patterns) that help prevent injection attacks, 3) IAM role ARN pattern validation, 4) Gateway type distinction (EXTERNAL/INTERNAL) which has security implications for network exposure. While these are security enhancements in documentation, there's no evidence they address a specific security vulnerability.

Diff

diff --git a/cli/latest/reference/rtbfabric/create-responder-gateway.md b/cli/latest/reference/rtbfabric/create-responder-gateway.md
index e65d25260..d66e18422 100644
--- a//cli/latest/reference/rtbfabric/create-responder-gateway.md
+++ b//cli/latest/reference/rtbfabric/create-responder-gateway.md
@@ -15 +15 @@
-  * [AWS CLI 2.34.25 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.28 Command Reference](../../index.html) »
@@ -76,0 +77 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/rtbfab
+    [--listener-config <value>]
@@ -81,0 +83 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/rtbfab
+    [--gateway-type <value>]
@@ -112,0 +115,2 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/rtbfab
+>   * min: `12`
+>   * max: `21`
@@ -130,0 +135,2 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/rtbfab
+>>   * min: `15`
+>>   * max: `24`
@@ -154,0 +161,2 @@ Syntax:
+>>   * min: `11`
+>>   * max: `43`
@@ -173 +181 @@ Syntax:
->   * pattern: `(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)(?:\.(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?))+`
+>   * pattern: `(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)(?:\.(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?))+`
@@ -198,0 +207,38 @@ Syntax:
+`--listener-config` (structure)
+
+> Listener configuration for the protocols (HTTP, HTTPS, or both) accepted by the gateway.
+> 
+> protocols -> (list) [required]
+>
+>> The protocol for connections from clients to the gateway
+>> 
+>> Constraints:
+>> 
+>>   * min: `1`
+>>   * max: `2`
+>> 
+
+>> 
+>> (string)
+>>
+>>> Possible values:
+>>> 
+>>>   * `HTTP`
+>>>   * `HTTPS`
+>>> 
+
+
+Shorthand Syntax:
+    
+    
+    protocols=string,string
+    
+
+JSON Syntax:
+    
+    
+    {
+      "protocols": ["HTTP"|"HTTPS", ...]
+    }
+    
+
@@ -253,0 +300,7 @@ JSON Syntax:
+>>>
+>>>> Constraints:
+>>>> 
+>>>>   * min: `1`
+>>>>   * max: `255`
+>>>> 
+
@@ -257,0 +311,6 @@ JSON Syntax:
+>>> 
+>>> Constraints:
+>>> 
+>>>   * pattern: `arn:aws:iam::[0-9]{12}:role/.{1,2048}`
+>>> 
+
@@ -268,0 +328,2 @@ JSON Syntax:
+>>>   * min: `2`
+>>>   * max: `63`
@@ -278,0 +340,2 @@ JSON Syntax:
+>>>   * min: `2`
+>>>   * max: `63`
@@ -311,0 +375,2 @@ JSON Syntax:
+>>>   * min: `2`
+>>>   * max: `63`
@@ -318,0 +384,6 @@ JSON Syntax:
+>>> 
+>>> Constraints:
+>>> 
+>>>   * pattern: `arn:aws:iam::[0-9]{12}:role/.{1,2048}`
+>>> 
+
@@ -355 +426,3 @@ JSON Syntax:
->   * pattern: `[A-Za-z0-9 ]+`
+>   * min: `0`
+>   * max: `255`
+>   * pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`
@@ -394,0 +468,11 @@ JSON Syntax:
+`--gateway-type` (string)
+
+> The type of gateway. Valid values are `EXTERNAL` or `INTERNAL` .
+> 
+> Possible values:
+> 
+>   * `EXTERNAL`
+>   * `INTERNAL`
+> 
+
+
@@ -513,0 +598,2 @@ gatewayId -> (string)
+>   * min: `8`
+>   * max: `32`
@@ -535,0 +622,36 @@ status -> (string)
+listenerConfig -> (structure)
+
+> The listener configuration for the responder gateway.
+> 
+> protocols -> (list) [required]
+>
+>> The protocol for connections from clients to the gateway
+>> 
+>> Constraints:
+>> 
+>>   * min: `1`
+>>   * max: `2`
+>> 
+
+>> 
+>> (string)
+>>
+>>> Possible values:
+>>> 
+>>>   * `HTTP`
+>>>   * `HTTPS`
+>>> 
+
+
+externalInboundEndpoint -> (string)
+
+> The external inbound endpoint for the responder gateway.
+> 
+> Constraints:
+> 
+>   * min: `1`
+>   * max: `255`
+>   * pattern: `(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)(?:\.(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?))+`
+> 
+
+
@@ -546 +668 @@ status -> (string)
-  * [AWS CLI 2.34.25 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.28 Command Reference](../../index.html) »