AWS serverless-application-model documentation change
Summary
Added EndpointAccessMode property for custom domain names, required when using enhanced security policies prefixed with 'SecurityPolicy_'
Security assessment
This change introduces documentation for the EndpointAccessMode property which is required when using enhanced security policies. While this adds security-related documentation about TLS/SSL configuration requirements, there is no evidence it addresses a specific security vulnerability or incident.
Diff
diff --git a/serverless-application-model/latest/developerguide/sam-property-api-domainconfiguration.md b/serverless-application-model/latest/developerguide/sam-property-api-domainconfiguration.md index 8eed227b4..ea08269c5 100644 --- a//serverless-application-model/latest/developerguide/sam-property-api-domainconfiguration.md +++ b//serverless-application-model/latest/developerguide/sam-property-api-domainconfiguration.md @@ -23,0 +24 @@ To declare this entity in your AWS Serverless Application Model (AWS SAM) templa + EndpointAccessMode: String @@ -101,0 +103,13 @@ _CloudFormation compatibility_ : This property is unique to AWS SAM and doesn't +`EndpointAccessMode` + + +The access mode for the custom domain name endpoint. Required when using enhanced security policies (those prefixed with `SecurityPolicy_`). + +_Valid values_ : `STRICT` or `BASIC` + +_Type_ : String + +_Required_ : Conditional + +_CloudFormation compatibility_ : This property is passed directly to the `[EndpointAccessMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-endpointaccessmode)` property of an `AWS::ApiGateway::DomainName` resource, or to [`AWS::ApiGateway::DomainNameV2`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainnamev2) when `EndpointConfiguration` is set to `PRIVATE`. +