AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-07-01 · Documentation medium

File: cli/latest/reference/cleanrooms/update-configured-table-analysis-rule.md

Summary

Added 'allowedResultReceivers' (list of AWS account IDs) and 'allowedAdditionalAnalyses' (list of ARNs) fields to custom analysis rules with validation constraints.

Security assessment

New fields enable granular access control by specifying allowed result recipients and permitted analysis methods. This documents security features for data sharing governance, though no specific vulnerability is addressed. The account ID patterns and ARN constraints demonstrate security-focused input validation.

Diff

diff --git a/cli/latest/reference/cleanrooms/update-configured-table-analysis-rule.md b/cli/latest/reference/cleanrooms/update-configured-table-analysis-rule.md
index a76465a6b..664e3c756 100644
--- a//cli/latest/reference/cleanrooms/update-configured-table-analysis-rule.md
+++ b//cli/latest/reference/cleanrooms/update-configured-table-analysis-rule.md
@@ -15 +15 @@
-  * [AWS CLI 2.35.11 Command Reference](../../index.html) »
+  * [AWS CLI 2.35.13 Command Reference](../../index.html) »
@@ -510,0 +511,35 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/cleanr
+>>> 
+>>> allowedResultReceivers -> (list)
+>>>
+>>>> The list of Amazon Web Services account IDs that are allowed to receive results from queries run on the configured table.
+>>>> 
+>>>> (string)
+>>>>
+>>>>> Constraints:
+>>>>> 
+>>>>>   * min: `12`
+>>>>>   * max: `12`
+>>>>>   * pattern: `\d+`
+>>>>> 
+
+>>> 
+>>> allowedAdditionalAnalyses -> (list)
+>>>
+>>>> The list of allowed additional analyses for the custom analysis rule.
+>>>> 
+>>>> Constraints:
+>>>> 
+>>>>   * min: `0`
+>>>>   * max: `25`
+>>>> 
+
+>>>> 
+>>>> (string)
+>>>>
+>>>>> Constraints:
+>>>>> 
+>>>>>   * min: `0`
+>>>>>   * max: `256`
+>>>>>   * pattern: `arn:aws:cleanrooms:[\w]{2}-[\w]{4,9}-[\d]:([\d]{12}|\*):membership\/[\*\d\w-]+\/configuredaudiencemodelassociation\/[\*\d\w-]+$|^arn:aws[-a-z]*:cleanrooms-ml:[-a-z0-9]+:([0-9]{12}|\*):membership\/[\*\d\w-]+\/configured-model-algorithm-association\/([-a-zA-Z0-9_\/.]+|\*)`
+>>>>> 
+
@@ -558 +593,3 @@ JSON Syntax:
-          }
+          },
+          "allowedResultReceivers": ["string", ...],
+          "allowedAdditionalAnalyses": ["string", ...]
@@ -1096,0 +1134,35 @@ analysisRule -> (structure)
+>>>> 
+>>>> allowedResultReceivers -> (list)
+>>>>
+>>>>> The list of Amazon Web Services account IDs that are allowed to receive results from queries run on the configured table.
+>>>>> 
+>>>>> (string)
+>>>>>
+>>>>>> Constraints:
+>>>>>> 
+>>>>>>   * min: `12`
+>>>>>>   * max: `12`
+>>>>>>   * pattern: `\d+`
+>>>>>> 
+
+>>>> 
+>>>> allowedAdditionalAnalyses -> (list)
+>>>>
+>>>>> The list of allowed additional analyses for the custom analysis rule.
+>>>>> 
+>>>>> Constraints:
+>>>>> 
+>>>>>   * min: `0`
+>>>>>   * max: `25`
+>>>>> 
+
+>>>>> 
+>>>>> (string)
+>>>>>
+>>>>>> Constraints:
+>>>>>> 
+>>>>>>   * min: `0`
+>>>>>>   * max: `256`
+>>>>>>   * pattern: `arn:aws:cleanrooms:[\w]{2}-[\w]{4,9}-[\d]:([\d]{12}|\*):membership\/[\*\d\w-]+\/configuredaudiencemodelassociation\/[\*\d\w-]+$|^arn:aws[-a-z]*:cleanrooms-ml:[-a-z0-9]+:([0-9]{12}|\*):membership\/[\*\d\w-]+\/configured-model-algorithm-association\/([-a-zA-Z0-9_\/.]+|\*)`
+>>>>>> 
+
@@ -1128 +1200 @@ analysisRule -> (structure)
-  * [AWS CLI 2.35.11 Command Reference](../../index.html) »
+  * [AWS CLI 2.35.13 Command Reference](../../index.html) »