AWS ivs documentation change
Summary
Added adConfigurationArn field for channel ad configuration and added HTTP security headers (accessControlAllowOrigin, contentSecurityPolicy, strictTransportSecurity, xFrameOptions, etc.) to error response documentation
Security assessment
The change adds documentation for security-related HTTP headers in error responses, including Content-Security-Policy, Strict-Transport-Security, and X-Frame-Options headers which help prevent clickjacking, enforce HTTPS, and control resource loading. This documents existing security features rather than addressing a specific vulnerability.
Diff
diff --git a/ivs/latest/LowLatencyAPIReference/API_UpdateChannel.md b/ivs/latest/LowLatencyAPIReference/API_UpdateChannel.md index 704eca7f4..68268bfac 100644 --- a//ivs/latest/LowLatencyAPIReference/API_UpdateChannel.md +++ b//ivs/latest/LowLatencyAPIReference/API_UpdateChannel.md @@ -19,0 +20 @@ Updates a channel's configuration. Live channels cannot be updated. You must sto + "adConfigurationArn": "string", @@ -44,0 +46,13 @@ The request accepts the following data in JSON format. +**adConfigurationArn ** + + +ARN of the ad configuration associated with the channel. + +Type: String + +Length Constraints: Minimum length of 0. Maximum length of 128. + +Pattern: `^$|^arn:aws:ivs:[a-z0-9-]+:[0-9]+:ad-configuration/[a-zA-Z0-9-]+$` + +Required: No + @@ -175,0 +190 @@ Required: No + "[adConfigurationArn](./API_Channel.html#ivs-Type-Channel-adConfigurationArn)": "**_string_** ", @@ -222,0 +238,12 @@ For information about the errors that are common to all actions, see [Common Err +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -227,0 +255,12 @@ User does not have sufficient access to perform this action. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -232,0 +272,12 @@ HTTP Status Code: 403 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -237,0 +289,12 @@ Updating or deleting a resource can cause an inconsistent state. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -242,0 +306,12 @@ HTTP Status Code: 409 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -247,0 +323,12 @@ Your account is pending verification. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -252,0 +340,12 @@ HTTP Status Code: 403 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -257,0 +357,12 @@ Request references a resource which does not exist. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -262,0 +374,12 @@ HTTP Status Code: 404 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -267,0 +391,12 @@ The input fails to satisfy the constraints specified by an AWS service. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + +