AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-06-19 · Documentation low

File: cli/latest/reference/securityagent/create-integration.md

Summary

Added support for GitLab, Bitbucket, and Confluence integrations. Extended GitHub integration with new fields. Added private connection option.

Security assessment

The changes document new integration options and authentication parameters (access tokens, OAuth codes) for security agent configurations. While these are security features, there's no evidence of addressing a specific vulnerability.

Diff

diff --git a/cli/latest/reference/securityagent/create-integration.md b/cli/latest/reference/securityagent/create-integration.md
index c24bcde5d..5978bf4b6 100644
--- a//cli/latest/reference/securityagent/create-integration.md
+++ b//cli/latest/reference/securityagent/create-integration.md
@@ -15 +15 @@
-  * [AWS CLI 2.35.5 Command Reference](../../index.html) »
+  * [AWS CLI 2.35.8 Command Reference](../../index.html) »
@@ -71,0 +72 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
+    [--private-connection-name <value>]
@@ -103,0 +105,3 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
+>   * `GITLAB`
+>   * `BITBUCKET`
+>   * `CONFLUENCE`
@@ -113 +117 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
-> This is a Tagged Union structure. Only one of the following top level keys can be set: `github`.
+> This is a Tagged Union structure. Only one of the following top level keys can be set: `github`, `gitlab`, `bitbucket`, `confluence`.
@@ -129,0 +134,75 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
+>> 
+>> targetUrl -> (string)
+>>
+>>> The HTTPS URL of a self-hosted GitHub Enterprise Server instance. Omit this value for GitHub.com.
+>> 
+>> installationId -> (string)
+>>
+>>> The installation identifier provided by GitHub Enterprise Server on the install callback. Required for GitHub Enterprise Server integrations and ignored for GitHub.com.
+> 
+> gitlab -> (structure)
+>
+>> The configuration for a GitLab integration.
+>> 
+>> accessToken -> (string) [required]
+>>
+>>> The GitLab access token used to authenticate. This can be a personal access token or a group access token.
+>> 
+>> targetUrl -> (string)
+>>
+>>> The HTTPS URL of a self-managed GitLab instance. Omit this value for GitLab SaaS (gitlab.com).
+>> 
+>> tokenType -> (string) [required]
+>>
+>>> The type of GitLab access token provided in accessToken.
+>>> 
+>>> Possible values:
+>>> 
+>>>   * `PERSONAL`
+>>>   * `GROUP`
+>>> 
+
+>> 
+>> groupId -> (string)
+>>
+>>> The identifier of the GitLab group. Required when tokenType is group and ignored for personal tokens.
+> 
+> bitbucket -> (structure)
+>
+>> The configuration for a Bitbucket integration.
+>> 
+>> installationId -> (string) [required]
+>>
+>>> The Atlassian installation identifier, available from the Atlassian administration console.
+>> 
+>> workspace -> (string) [required]
+>>
+>>> The Bitbucket workspace slug that identifies the workspace to integrate, for example acme-corp.
+>> 
+>> code -> (string) [required]
+>>
+>>> The OAuth 2.0 authorization code returned from the consent redirect.
+>> 
+>> state -> (string) [required]
+>>
+>>> The CSRF state token echoed back from the OAuth redirect.
+> 
+> confluence -> (structure)
+>
+>> The configuration for a Confluence integration.
+>> 
+>> installationId -> (string) [required]
+>>
+>>> The Atlassian installation identifier, available from the Atlassian administration console.
+>> 
+>> code -> (string) [required]
+>>
+>>> The OAuth 2.0 authorization code returned from the consent redirect.
+>> 
+>> state -> (string) [required]
+>>
+>>> The CSRF state token echoed back from the OAuth redirect.
+>> 
+>> siteUrl -> (string) [required]
+>>
+>>> The Confluence Cloud site URL, for example <https://mysite.atlassian.net>.
@@ -134 +213 @@ Shorthand Syntax:
-    github={code=string,state=string,organizationName=string}
+    github={code=string,state=string,organizationName=string,targetUrl=string,installationId=string},gitlab={accessToken=string,targetUrl=string,tokenType=string,groupId=string},bitbucket={installationId=string,workspace=string,code=string,state=string},confluence={installationId=string,code=string,state=string,siteUrl=string}
@@ -144 +223,21 @@ JSON Syntax:
-        "organizationName": "string"
+        "organizationName": "string",
+        "targetUrl": "string",
+        "installationId": "string"
+      },
+      "gitlab": {
+        "accessToken": "string",
+        "targetUrl": "string",
+        "tokenType": "PERSONAL"|"GROUP",
+        "groupId": "string"
+      },
+      "bitbucket": {
+        "installationId": "string",
+        "workspace": "string",
+        "code": "string",
+        "state": "string"
+      },
+      "confluence": {
+        "installationId": "string",
+        "code": "string",
+        "state": "string",
+        "siteUrl": "string"
@@ -181,0 +281,4 @@ JSON Syntax:
+`--private-connection-name` (string)
+
+> The name of an active private connection used to reach a self-hosted provider instance over private networking. Specify this when the instance is not publicly reachable.
+
@@ -309 +412 @@ integrationId -> (string)
-  * [AWS CLI 2.35.5 Command Reference](../../index.html) »
+  * [AWS CLI 2.35.8 Command Reference](../../index.html) »