AWS Security ChangesHomeSearch

AWS ivs documentation change

Service: ivs · 2026-04-25 · Documentation low

File: ivs/latest/LowLatencyAPIReference/API_CreateStreamKey.md

Summary

Added pattern validation for tag keys and values, added documentation for security-related HTTP response headers in error responses, and corrected a reference from DeleteChannel to DeleteAdConfiguration

Security assessment

Similar to the first file, this adds documentation for security headers (CORS, CSP, HSTS, X-Frame-Options) in HTTP error responses and adds input validation patterns for tags. The pattern validation helps prevent potential injection attacks. The reference correction is not security-related. No evidence of a specific security vulnerability being addressed.

Diff

diff --git a/ivs/latest/LowLatencyAPIReference/API_CreateStreamKey.md b/ivs/latest/LowLatencyAPIReference/API_CreateStreamKey.md
index afda2168b..f8c1915dd 100644
--- a//ivs/latest/LowLatencyAPIReference/API_CreateStreamKey.md
+++ b//ivs/latest/LowLatencyAPIReference/API_CreateStreamKey.md
@@ -59,0 +60,2 @@ Key Length Constraints: Minimum length of 1. Maximum length of 128.
+Key Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]+)`
+
@@ -61,0 +64,2 @@ Value Length Constraints: Minimum length of 0. Maximum length of 256.
+Value Pattern: `([\p{L}\p{Z}\p{N}_.:/=+\-@]*)`
+
@@ -100,0 +105,12 @@ For information about the errors that are common to all actions, see [Common Err
+**accessControlAllowOrigin**
+    
+
+**accessControlExposeHeaders**
+    
+
+**cacheControl**
+    
+
+**contentSecurityPolicy**
+    
+
@@ -105,0 +122,12 @@ User does not have sufficient access to perform this action.
+**strictTransportSecurity**
+    
+
+**xAmznErrorType**
+    
+
+**xContentTypeOptions**
+    
+
+**xFrameOptions**
+    
+
@@ -110,0 +139,12 @@ HTTP Status Code: 403
+**accessControlAllowOrigin**
+    
+
+**accessControlExposeHeaders**
+    
+
+**cacheControl**
+    
+
+**contentSecurityPolicy**
+    
+
@@ -115,0 +156,12 @@ Your account is pending verification.
+**strictTransportSecurity**
+    
+
+**xAmznErrorType**
+    
+
+**xContentTypeOptions**
+    
+
+**xFrameOptions**
+    
+
@@ -120,0 +173,12 @@ HTTP Status Code: 403
+**accessControlAllowOrigin**
+    
+
+**accessControlExposeHeaders**
+    
+
+**cacheControl**
+    
+
+**contentSecurityPolicy**
+    
+
@@ -125,0 +190,12 @@ Request references a resource which does not exist.
+**strictTransportSecurity**
+    
+
+**xAmznErrorType**
+    
+
+**xContentTypeOptions**
+    
+
+**xFrameOptions**
+    
+
@@ -130,0 +207,12 @@ HTTP Status Code: 404
+**accessControlAllowOrigin**
+    
+
+**accessControlExposeHeaders**
+    
+
+**cacheControl**
+    
+
+**contentSecurityPolicy**
+    
+
@@ -135,0 +224,12 @@ Request would cause a service quota to be exceeded.
+**strictTransportSecurity**
+    
+
+**xAmznErrorType**
+    
+
+**xContentTypeOptions**
+    
+
+**xFrameOptions**
+    
+
@@ -140,0 +241,12 @@ HTTP Status Code: 402
+**accessControlAllowOrigin**
+    
+
+**accessControlExposeHeaders**
+    
+
+**cacheControl**
+    
+
+**contentSecurityPolicy**
+    
+
@@ -145,0 +258,12 @@ The input fails to satisfy the constraints specified by an AWS service.
+**strictTransportSecurity**
+    
+
+**xAmznErrorType**
+    
+
+**xContentTypeOptions**
+    
+
+**xFrameOptions**
+    
+
@@ -183 +307 @@ CreateRecordingConfiguration
-DeleteChannel
+DeleteAdConfiguration