AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-05-31 · Documentation low

File: cli/latest/reference/bedrock-agentcore-control/get-oauth2-credential-provider.md

Summary

Added clientSecretJsonKey and clientSecretSource fields for enhanced OAuth2 client secret management.

Security assessment

New fields allow JSON-key based secret extraction and source differentiation (MANAGED/EXTERNAL), improving secret handling documentation. This enhances security practices but doesn't address a specific vulnerability.

Diff

diff --git a/cli/latest/reference/bedrock-agentcore-control/get-oauth2-credential-provider.md b/cli/latest/reference/bedrock-agentcore-control/get-oauth2-credential-provider.md
index 917eb005b..63c7dbbc4 100644
--- a//cli/latest/reference/bedrock-agentcore-control/get-oauth2-credential-provider.md
+++ b//cli/latest/reference/bedrock-agentcore-control/get-oauth2-credential-provider.md
@@ -15 +15 @@
-  * [AWS CLI 2.34.55 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.57 Command Reference](../../index.html) »
@@ -231,0 +232,22 @@ clientSecretArn -> (structure)
+clientSecretJsonKey -> (string)
+
+> The JSON key used to extract the client secret value from the AWS Secrets Manager secret.
+> 
+> Constraints:
+> 
+>   * min: `1`
+>   * max: `128`
+> 
+
+
+clientSecretSource -> (string)
+
+> The source type of the client secret. Either `MANAGED` if the secret is managed by the service, or `EXTERNAL` if managed by the user in AWS Secrets Manager.
+> 
+> Possible values:
+> 
+>   * `MANAGED`
+>   * `EXTERNAL`
+> 
+
+
@@ -1338 +1360 @@ failureReason -> (string)
-  * [AWS CLI 2.34.55 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.57 Command Reference](../../index.html) »