AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-05-07 · Documentation low

File: cli/latest/reference/securityagent/batch-get-target-domains.md

Summary

Updated documentation for the 'batch-get-target-domains' command including clarified descriptions, added verificationStatusReason field, and more detailed explanations of penetration testing verification requirements.

Security assessment

The changes enhance documentation about penetration testing domain verification processes (DNS TXT/HTTP methods) and add a new verificationStatusReason field, improving transparency of security controls. While this provides clearer security documentation, there's no evidence of addressing a specific vulnerability.

Diff

diff --git a/cli/latest/reference/securityagent/batch-get-target-domains.md b/cli/latest/reference/securityagent/batch-get-target-domains.md
index 2898c114c..30ad20499 100644
--- a//cli/latest/reference/securityagent/batch-get-target-domains.md
+++ b//cli/latest/reference/securityagent/batch-get-target-domains.md
@@ -15 +15 @@
-  * [AWS CLI 2.34.41 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.44 Command Reference](../../index.html) »
@@ -59 +59 @@ First time using the AWS CLI? See the [User Guide](https://docs.aws.amazon.com/c
-Retrieves multiple target domains in a single request
+Retrieves information about one or more target domains.
@@ -95 +95 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
-> List of target domain IDs to retrieve
+> The list of target domain identifiers to retrieve.
@@ -220 +220 @@ targetDomains -> (list)
-> List of target domains that were successfully retrieved
+> The list of target domains that were found.
@@ -224 +224 @@ targetDomains -> (list)
->> Represents a target domain
+>> Represents a target domain registered for penetration testing. A target domain must be verified through DNS TXT or HTTP route verification before it can be used in pentests.
@@ -228 +228 @@ targetDomains -> (list)
->>> Unique identifier of the target domain
+>>> The unique identifier of the target domain.
@@ -232 +232 @@ targetDomains -> (list)
->>> Name of the registered target domain
+>>> The domain name of the target domain.
@@ -236 +236 @@ targetDomains -> (list)
->>> Current verification status of the registered target domain
+>>> The current verification status of the target domain.
@@ -245,0 +246,4 @@ targetDomains -> (list)
+>> 
+>> verificationStatusReason -> (string)
+>>
+>>> The reason for the current target domain verification status.
@@ -249 +253 @@ targetDomains -> (list)
->>> Verification details to verify registered target domain
+>>> The verification details for the target domain.
@@ -253 +257 @@ targetDomains -> (list)
->>>> Type of domain ownership verification method
+>>>> The verification method used for the target domain.
@@ -258,0 +263 @@ targetDomains -> (list)
+>>>>   * `PRIVATE_VPC`
@@ -264 +269 @@ targetDomains -> (list)
->>>> Represents dns txt verification details
+>>>> The DNS TXT verification details.
@@ -268 +273 @@ targetDomains -> (list)
->>>>> Token used to verify domain ownership
+>>>>> The verification token to include in the DNS record value.
@@ -272 +277 @@ targetDomains -> (list)
->>>>> Record name to be added in DNS for target domain
+>>>>> The name of the DNS record to create for verification.
@@ -276 +281 @@ targetDomains -> (list)
->>>>> Type of record to be added in DNS for target domain
+>>>>> The type of DNS record to create. Currently, only TXT is supported.
@@ -286 +291 @@ targetDomains -> (list)
->>>> Represents http route verification details
+>>>> The HTTP route verification details.
@@ -290 +295 @@ targetDomains -> (list)
->>>>> Token used to verify domain ownership
+>>>>> The verification token to serve at the specified route path.
@@ -294 +299 @@ targetDomains -> (list)
->>>>> Route path where verification token should be placed
+>>>>> The HTTP route path where the verification token must be served.
@@ -298 +303 @@ targetDomains -> (list)
->>> Timestamp when the target domain was registered
+>>> The date and time the target domain was created, in UTC format.
@@ -302 +307 @@ targetDomains -> (list)
->>> Timestamp when the target domain was last successfully verified
+>>> The date and time the target domain was verified, in UTC format.
@@ -306 +311 @@ notFound -> (list)
-> List of target domain IDs that could not be found
+> The list of target domain identifiers that were not found.
@@ -320 +325 @@ notFound -> (list)
-  * [AWS CLI 2.34.41 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.44 Command Reference](../../index.html) »