AWS cli documentation change
Summary
Added documentation for S3_TABLES data source type, ConsumerAccountRoleArn parameter, and S3TablesParameters structure
Security assessment
The change documents the ConsumerAccountRoleArn parameter which enables cross-account Athena access through role-chaining, a security feature for access control management. This is not fixing a security issue but documenting security-related functionality for data source configuration.
Diff
diff --git a/cli/latest/reference/quicksight/describe-data-source.md b/cli/latest/reference/quicksight/describe-data-source.md index 7a5cdb928..e4a795ea0 100644 --- a//cli/latest/reference/quicksight/describe-data-source.md +++ b//cli/latest/reference/quicksight/describe-data-source.md @@ -15 +15 @@ - * [AWS CLI 2.34.29 Command Reference](../../index.html) » + * [AWS CLI 2.34.32 Command Reference](../../index.html) » @@ -266,0 +267 @@ DataSource -> (structure) +>> * `S3_TABLES` @@ -359,0 +361,11 @@ DataSource -> (structure) +>>> +>>> ConsumerAccountRoleArn -> (string) +>>> +>>>> Use `ConsumerAccountRoleArn` to perform cross-account Athena access. This is an IAM role ARN in the same AWS account as the Athena resources you want to access. Provide this along with `RoleArn` to enable role-chaining, where Amazon Quick Sight first assumes the `RoleArn` and then assumes the `ConsumerAccountRoleArn` to access Athena resources. +>>>> +>>>> Constraints: +>>>> +>>>> * min: `20` +>>>> * max: `2048` +>>>> + @@ -836,0 +849,14 @@ DataSource -> (structure) +>> +>> S3TablesParameters -> (structure) +>> +>>> The parameters for S3 Tables. +>>> +>>> TableBucketArn -> (string) +>>> +>>>> The Amazon Resource Name (ARN) of the S3 Tables bucket. +>>>> +>>>> Constraints: +>>>> +>>>> * pattern: `^(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-zA-Z0-9-_]{3,63})$` +>>>> + @@ -1616,0 +1643,11 @@ DataSource -> (structure) +>>>> +>>>> ConsumerAccountRoleArn -> (string) +>>>> +>>>>> Use `ConsumerAccountRoleArn` to perform cross-account Athena access. This is an IAM role ARN in the same AWS account as the Athena resources you want to access. Provide this along with `RoleArn` to enable role-chaining, where Amazon Quick Sight first assumes the `RoleArn` and then assumes the `ConsumerAccountRoleArn` to access Athena resources. +>>>>> +>>>>> Constraints: +>>>>> +>>>>> * min: `20` +>>>>> * max: `2048` +>>>>> + @@ -2093,0 +2131,14 @@ DataSource -> (structure) +>>> +>>> S3TablesParameters -> (structure) +>>> +>>>> The parameters for S3 Tables. +>>>> +>>>> TableBucketArn -> (string) +>>>> +>>>>> The Amazon Resource Name (ARN) of the S3 Tables bucket. +>>>>> +>>>>> Constraints: +>>>>> +>>>>> * pattern: `^(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-zA-Z0-9-_]{3,63})$` +>>>>> + @@ -2890 +2941 @@ Status -> (integer) - * [AWS CLI 2.34.29 Command Reference](../../index.html) » + * [AWS CLI 2.34.32 Command Reference](../../index.html) »