AWS Security ChangesHomeSearch

AWS opensearch-service high security documentation change

Service: opensearch-service · 2026-07-10 · Security-related high

File: opensearch-service/latest/developerguide/serverless-clients.md

Summary

Fixed code examples for OpenSearch Serverless clients by adding credentials provider configuration

Security assessment

The change corrects authentication implementation in code samples by explicitly setting credentials providers. Missing credentials could lead to unsigned requests and unauthorized access, making this a security-relevant fix.

Diff

diff --git a/opensearch-service/latest/developerguide/serverless-clients.md b/opensearch-service/latest/developerguide/serverless-clients.md
index a8d6006a6..4a1b0db85 100644
--- a//opensearch-service/latest/developerguide/serverless-clients.md
+++ b//opensearch-service/latest/developerguide/serverless-clients.md
@@ -261 +261 @@ The following sample code again establishes a secure connection, and then search
-            "aoss" // signing service name
+            "aoss", // signing service name
@@ -263 +263 @@ The following sample code again establishes a secure connection, and then search
-            AwsSdk2TransportOptions.builder().build()
+            AwsSdk2TransportOptions.builder().setCredentials(credentialsProvider).build()
@@ -296 +296 @@ The following sample code establishes a secure connection and indexes a document
-            "aoss" // signing service name
+            "aoss", // signing service name
@@ -298 +298 @@ The following sample code establishes a secure connection and indexes a document
-            AwsSdk2TransportOptions.builder().build()
+            AwsSdk2TransportOptions.builder().setCredentials(credentialsProvider).build()