AWS devopsagent documentation change
Summary
Updated webhook security documentation to include API key (bearer token) as an additional authentication method alongside HMAC signatures.
Security assessment
The change enhances documentation about authentication options but shows no evidence of fixing a vulnerability. It expands security feature documentation by adding an alternative authentication method without referencing any security incident or weakness.
Diff
diff --git a/devopsagent/latest/userguide/aws-devops-agent-security.md b/devopsagent/latest/userguide/aws-devops-agent-security.md index 5a2f769a0..df52630be 100644 --- a//devopsagent/latest/userguide/aws-devops-agent-security.md +++ b//devopsagent/latest/userguide/aws-devops-agent-security.md @@ -206 +206 @@ AWS DevOps Agent supports several integration types, each with its own security - * **Webhook triggers** – Investigation triggers from remote services such as tickets or observability systems. Webhooks use Hash-based Message Authentication Code (HMAC) for security. + * **Webhook triggers** – Investigation triggers from remote services such as tickets or observability systems. Webhooks use either Hash-based Message Authentication Code (HMAC) signatures or an API key (bearer token) for security.