AWS cli documentation change
Summary
Added documentation for 'advertisedScopeMapping' parameter in OAuth configuration
Security assessment
Documents new OAuth security feature for scope mapping between identity providers and clients, improving security transparency. No evidence of vulnerability being fixed.
Diff
diff --git a/cli/latest/reference/bedrock-agentcore-control/create-agent-runtime.md b/cli/latest/reference/bedrock-agentcore-control/create-agent-runtime.md index 06399676e..f3991b142 100644 --- a//cli/latest/reference/bedrock-agentcore-control/create-agent-runtime.md +++ b//cli/latest/reference/bedrock-agentcore-control/create-agent-runtime.md @@ -15 +15 @@ - * [AWS CLI 2.35.16 Command Reference](../../index.html) » + * [AWS CLI 2.35.19 Command Reference](../../index.html) » @@ -432,0 +433,31 @@ JSON Syntax: +>> +>> advertisedScopeMapping -> (map) +>> +>>> A map that associates each scope in `allowedScopes` with a corresponding advertised scope value. The advertised scope appears in OAuth protected resource metadata and `WWW-Authenticate` response headers. Use this parameter when the scope that clients request from your identity provider differs from the scope in the validated token. Each key is a scope from `allowedScopes` that the service uses for token validation. Each value is the corresponding scope that the service advertises to clients. Scopes without a mapping entry appear unchanged to clients. +>>> +>>> Constraints: +>>> +>>> * min: `1` +>>> * max: `50` +>>> + +>>> +>>> key -> (string) +>>> +>>>> Constraints: +>>>> +>>>> * min: `1` +>>>> * max: `255` +>>>> * pattern: `[\x21\x23-\x5B\x5D-\x7E]+` +>>>> + +>>> +>>> value -> (string) +>>> +>>>> Constraints: +>>>> +>>>> * min: `1` +>>>> * max: `255` +>>>> * pattern: `[\x21\x23-\x5B\x5D-\x7E]+` +>>>> + @@ -869,0 +901,2 @@ JSON Syntax: + "advertisedScopeMapping": {"string": "string" + ...}, @@ -1439 +1472 @@ status -> (string) - * [AWS CLI 2.35.16 Command Reference](../../index.html) » + * [AWS CLI 2.35.19 Command Reference](../../index.html) »