AWS cli documentation change
Summary
Added documentation for new S3_TABLES data source type and ConsumerAccountRoleArn parameter for cross-account Athena access with role chaining
Security assessment
The change adds documentation for ConsumerAccountRoleArn which enables secure cross-account access through role chaining, a security feature for managing access control between AWS accounts. No evidence of addressing a specific security vulnerability.
Diff
diff --git a/cli/latest/reference/quicksight/list-data-sources.md b/cli/latest/reference/quicksight/list-data-sources.md index f79b06fdc..a25d7b3b4 100644 --- a//cli/latest/reference/quicksight/list-data-sources.md +++ b//cli/latest/reference/quicksight/list-data-sources.md @@ -15 +15 @@ - * [AWS CLI 2.34.29 Command Reference](../../index.html) » + * [AWS CLI 2.34.32 Command Reference](../../index.html) » @@ -288,0 +289 @@ DataSources -> (list) +>>> * `S3_TABLES` @@ -381,0 +383,11 @@ DataSources -> (list) +>>>> +>>>> ConsumerAccountRoleArn -> (string) +>>>> +>>>>> Use `ConsumerAccountRoleArn` to perform cross-account Athena access. This is an IAM role ARN in the same AWS account as the Athena resources you want to access. Provide this along with `RoleArn` to enable role-chaining, where Amazon Quick Sight first assumes the `RoleArn` and then assumes the `ConsumerAccountRoleArn` to access Athena resources. +>>>>> +>>>>> Constraints: +>>>>> +>>>>> * min: `20` +>>>>> * max: `2048` +>>>>> + @@ -858,0 +871,14 @@ DataSources -> (list) +>>> +>>> S3TablesParameters -> (structure) +>>> +>>>> The parameters for S3 Tables. +>>>> +>>>> TableBucketArn -> (string) +>>>> +>>>>> The Amazon Resource Name (ARN) of the S3 Tables bucket. +>>>>> +>>>>> Constraints: +>>>>> +>>>>> * pattern: `^(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-zA-Z0-9-_]{3,63})$` +>>>>> + @@ -1638,0 +1665,11 @@ DataSources -> (list) +>>>>> +>>>>> ConsumerAccountRoleArn -> (string) +>>>>> +>>>>>> Use `ConsumerAccountRoleArn` to perform cross-account Athena access. This is an IAM role ARN in the same AWS account as the Athena resources you want to access. Provide this along with `RoleArn` to enable role-chaining, where Amazon Quick Sight first assumes the `RoleArn` and then assumes the `ConsumerAccountRoleArn` to access Athena resources. +>>>>>> +>>>>>> Constraints: +>>>>>> +>>>>>> * min: `20` +>>>>>> * max: `2048` +>>>>>> + @@ -2115,0 +2153,14 @@ DataSources -> (list) +>>>> +>>>> S3TablesParameters -> (structure) +>>>> +>>>>> The parameters for S3 Tables. +>>>>> +>>>>> TableBucketArn -> (string) +>>>>> +>>>>>> The Amazon Resource Name (ARN) of the S3 Tables bucket. +>>>>>> +>>>>>> Constraints: +>>>>>> +>>>>>> * pattern: `^(arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:bucket/[a-zA-Z0-9-_]{3,63})$` +>>>>>> + @@ -2916 +2967 @@ Status -> (integer) - * [AWS CLI 2.34.29 Command Reference](../../index.html) » + * [AWS CLI 2.34.32 Command Reference](../../index.html) »