A recurrent theme in s3a-related JIRAs, support calls etc is "tried upgrading the AWS SDK JAR and then I got the error ...". We know here "don't do that", but its not something immediately obvious to lots of downstream users who want to be able to drop in the new JAR to fix things/add new features
We need to spell this out quite clearlyi "you cannot safely expect to do this. If you want to upgrade the SDK, you will need to rebuild the whole of hadoop-aws with the maven POM updated to the latest version, ideally rerunning all the tests to make sure something hasn't broken.
Maybe near the top of the index.md file, along with "never share your AWS credentials with anyone"