generated: '2026-06-20' method: derived source: >- Derived from openapi/amazon-cloud-wan-openapi.yml (security schemes, response shapes) and AWS public compliance documentation. standards: - id: aws-sigv4 conforms: true evidence: >- securitySchemes.aws_signature (AWS Signature Version 4) is the sole security requirement in the OpenAPI. - id: oauth2 conforms: false evidence: No oauth2 security scheme; the API authenticates with AWS SigV4. - id: oidc conforms: false - id: rfc9457-problem-details conforms: false evidence: >- Errors return service-specific JSON exception objects with a Message field, not application/problem+json. - id: json-api conforms: false - id: odata conforms: false - id: fhir-r4 conforms: false - id: scim conforms: false - id: pagination conforms: true evidence: >- List operations use maxResults + nextToken cursor pagination (ListCoreNetworksResponse.NextToken). - id: idempotency conforms: partial evidence: >- GET and DELETE operations are idempotent; CreateCoreNetwork is not declared idempotent in the captured spec. - id: soc2 conforms: true evidence: >- AWS services are covered by AWS SOC 1/2/3 reports (aws.amazon.com/compliance). - id: iso-27001 conforms: true evidence: AWS maintains ISO 27001 certification across its services.