docs(client-sts): Fixed typos in the descriptions.

aws · Jan 10, 2025 · 3ea4627 · 3ea4627
1 parent 05635df
commit 3ea4627
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 17 deletions.
diff --git a/clients/client-sts/src/commands/AssumeRootCommand.ts b/clients/client-sts/src/commands/AssumeRootCommand.ts
@@ -28,14 +28,14 @@ export interface AssumeRootCommandInput extends AssumeRootRequest {}
 export interface AssumeRootCommandOutput extends AssumeRootResponse, __MetadataBearer {}
 
 /**
- * <p>Returns a set of short term credentials you can use to perform privileged tasks in a
- *          member account.</p>
- *          <p>Before you can launch a privileged session, you must have enabled centralized root
- *          access in your organization. For steps to enable this feature, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html">Centralize root access for member accounts</a> in the <i>IAM User
- *             Guide</i>.</p>
+ * <p>Returns a set of short term credentials you can use to perform privileged tasks on a
+ *          member account in your organization.</p>
+ *          <p>Before you can launch a privileged session, you must have centralized root access in
+ *          your organization. For steps to enable this feature, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html">Centralize root access for
+ *             member accounts</a> in the <i>IAM User Guide</i>.</p>
  *          <note>
- *             <p>The global endpoint is not supported for AssumeRoot. You must send this request to a
- *             Regional STS endpoint. For more information, see <a href="https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html#sts-endpoints">Endpoints</a>.</p>
+ *             <p>The STS global endpoint is not supported for AssumeRoot. You must send this request
+ *             to a Regional STS endpoint. For more information, see <a href="https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html#sts-endpoints">Endpoints</a>.</p>
  *          </note>
  *          <p>You can track AssumeRoot in CloudTrail logs to determine what actions were performed in a
  *          session. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-track-privileged-tasks.html">Track privileged tasks

diff --git a/clients/client-sts/src/models/models_0.ts b/clients/client-sts/src/models/models_0.ts
@@ -303,7 +303,7 @@ export interface AssumeRoleRequest {
    *          <i>IAM User Guide</i>.</p>
    *          <p>The regex used to validate this parameter is a string of characters consisting of upper-
    *          and lower-case alphanumeric characters with no spaces. You can also include underscores or
-   *          any of the following characters: =,.@-. You cannot use a value that begins with the text
+   *          any of the following characters: +=,.@-. You cannot use a value that begins with the text
    *             <code>aws:</code>. This prefix is reserved for Amazon Web Services internal use.</p>
    * @public
    */
@@ -806,8 +806,8 @@ export interface AssumeRoleWithWebIdentityRequest {
    *          provider. Your application must get this token by authenticating the user who is using your
    *          application with a web identity provider before the application makes an
    *             <code>AssumeRoleWithWebIdentity</code> call. Timestamps in the token must be formatted
-   *          as either an integer or a long integer. Only tokens with RSA algorithms (RS256) are
-   *          supported.</p>
+   *          as either an integer or a long integer. Tokens must be signed using either RSA keys (RS256,
+   *          RS384, or RS512) or ECDSA keys (ES256, ES384, or ES512).</p>
    * @public
    */
   WebIdentityToken: string | undefined;
@@ -1023,9 +1023,8 @@ export interface AssumeRootRequest {
 
   /**
    * <p>The identity based policy that scopes the session to the privileged tasks that can be
-   *          performed. You can use one of following Amazon Web Services managed policies to scope
-   *          root session actions. You can add additional customer managed policies to further limit the
-   *          permissions for the root session.</p>
+   *          performed. You can use one of following Amazon Web Services managed policies to scope root session
+   *          actions.</p>
    *          <ul>
    *             <li>
    *                <p>

diff --git a/codegen/sdk-codegen/aws-models/sts.json b/codegen/sdk-codegen/aws-models/sts.json
@@ -2383,7 +2383,7 @@
         "SourceIdentity": {
           "target": "com.amazonaws.sts#sourceIdentityType",
           "traits": {
-            "smithy.api#documentation": "<p>The source identity specified by the principal that is calling the\n            <code>AssumeRole</code> operation. The source identity value persists across <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html#iam-term-role-chaining\">chained role</a> sessions.</p>\n         <p>You can require users to specify a source identity when they assume a role. You do this\n         by using the <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceidentity\">\n               <code>sts:SourceIdentity</code>\n            </a> condition key in a role trust policy. You\n         can use source identity information in CloudTrail logs to determine who took actions with a\n         role. You can use the <code>aws:SourceIdentity</code> condition key to further control\n         access to Amazon Web Services resources based on the value of source identity. For more information about\n         using source identity, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html\">Monitor and control\n            actions taken with assumed roles</a> in the\n         <i>IAM User Guide</i>.</p>\n         <p>The regex used to validate this parameter is a string of characters consisting of upper-\n         and lower-case alphanumeric characters with no spaces. You can also include underscores or\n         any of the following characters: =,.@-. You cannot use a value that begins with the text\n            <code>aws:</code>. This prefix is reserved for Amazon Web Services internal use.</p>"
+            "smithy.api#documentation": "<p>The source identity specified by the principal that is calling the\n            <code>AssumeRole</code> operation. The source identity value persists across <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html#iam-term-role-chaining\">chained role</a> sessions.</p>\n         <p>You can require users to specify a source identity when they assume a role. You do this\n         by using the <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceidentity\">\n               <code>sts:SourceIdentity</code>\n            </a> condition key in a role trust policy. You\n         can use source identity information in CloudTrail logs to determine who took actions with a\n         role. You can use the <code>aws:SourceIdentity</code> condition key to further control\n         access to Amazon Web Services resources based on the value of source identity. For more information about\n         using source identity, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html\">Monitor and control\n            actions taken with assumed roles</a> in the\n         <i>IAM User Guide</i>.</p>\n         <p>The regex used to validate this parameter is a string of characters consisting of upper-\n         and lower-case alphanumeric characters with no spaces. You can also include underscores or\n         any of the following characters: +=,.@-. You cannot use a value that begins with the text\n            <code>aws:</code>. This prefix is reserved for Amazon Web Services internal use.</p>"
           }
         },
         "ProvidedContexts": {
@@ -2687,7 +2687,7 @@
         "WebIdentityToken": {
           "target": "com.amazonaws.sts#clientTokenType",
           "traits": {
-            "smithy.api#documentation": "<p>The OAuth 2.0 access token or OpenID Connect ID token that is provided by the identity\n         provider. Your application must get this token by authenticating the user who is using your\n         application with a web identity provider before the application makes an\n            <code>AssumeRoleWithWebIdentity</code> call. Timestamps in the token must be formatted\n         as either an integer or a long integer. Only tokens with RSA algorithms (RS256) are\n         supported.</p>",
+            "smithy.api#documentation": "<p>The OAuth 2.0 access token or OpenID Connect ID token that is provided by the identity\n         provider. Your application must get this token by authenticating the user who is using your\n         application with a web identity provider before the application makes an\n            <code>AssumeRoleWithWebIdentity</code> call. Timestamps in the token must be formatted\n         as either an integer or a long integer. Tokens must be signed using either RSA keys (RS256,\n         RS384, or RS512) or ECDSA keys (ES256, ES384, or ES512).</p>",
             "smithy.api#required": {}
           }
         },
@@ -2788,7 +2788,7 @@
         }
       ],
       "traits": {
-        "smithy.api#documentation": "<p>Returns a set of short term credentials you can use to perform privileged tasks in a\n         member account.</p>\n         <p>Before you can launch a privileged session, you must have enabled centralized root\n         access in your organization. For steps to enable this feature, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html\">Centralize root access for member accounts</a> in the <i>IAM User\n            Guide</i>.</p>\n         <note>\n            <p>The global endpoint is not supported for AssumeRoot. You must send this request to a\n            Regional STS endpoint. For more information, see <a href=\"https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html#sts-endpoints\">Endpoints</a>.</p>\n         </note>\n         <p>You can track AssumeRoot in CloudTrail logs to determine what actions were performed in a\n         session. For more information, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-track-privileged-tasks.html\">Track privileged tasks\n            in CloudTrail</a> in the <i>IAM User Guide</i>.</p>",
+        "smithy.api#documentation": "<p>Returns a set of short term credentials you can use to perform privileged tasks on a\n         member account in your organization.</p>\n         <p>Before you can launch a privileged session, you must have centralized root access in\n         your organization. For steps to enable this feature, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html\">Centralize root access for\n            member accounts</a> in the <i>IAM User Guide</i>.</p>\n         <note>\n            <p>The STS global endpoint is not supported for AssumeRoot. You must send this request\n            to a Regional STS endpoint. For more information, see <a href=\"https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html#sts-endpoints\">Endpoints</a>.</p>\n         </note>\n         <p>You can track AssumeRoot in CloudTrail logs to determine what actions were performed in a\n         session. For more information, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-track-privileged-tasks.html\">Track privileged tasks\n            in CloudTrail</a> in the <i>IAM User Guide</i>.</p>",
         "smithy.api#examples": [
           {
             "title": "To launch a privileged session",
@@ -2826,7 +2826,7 @@
         "TaskPolicyArn": {
           "target": "com.amazonaws.sts#PolicyDescriptorType",
           "traits": {
-            "smithy.api#documentation": "<p>The identity based policy that scopes the session to the privileged tasks that can be\n         performed. You can use one of following Amazon Web Services managed policies to scope\n         root session actions. You can add additional customer managed policies to further limit the\n         permissions for the root session.</p>\n         <ul>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMAuditRootUserCredentials\">IAMAuditRootUserCredentials</a>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMCreateRootUserPassword\">IAMCreateRootUserPassword</a>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMDeleteRootUserCredentials\">IAMDeleteRootUserCredentials</a>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-S3UnlockBucketPolicy\">S3UnlockBucketPolicy</a>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-SQSUnlockQueuePolicy\">SQSUnlockQueuePolicy</a>\n               </p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The identity based policy that scopes the session to the privileged tasks that can be\n         performed. You can use one of following Amazon Web Services managed policies to scope root session\n         actions.</p>\n         <ul>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMAuditRootUserCredentials\">IAMAuditRootUserCredentials</a>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMCreateRootUserPassword\">IAMCreateRootUserPassword</a>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMDeleteRootUserCredentials\">IAMDeleteRootUserCredentials</a>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-S3UnlockBucketPolicy\">S3UnlockBucketPolicy</a>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-SQSUnlockQueuePolicy\">SQSUnlockQueuePolicy</a>\n               </p>\n            </li>\n         </ul>",
             "smithy.api#required": {}
           }
         },