AWS amazonq documentation change
Summary
Updated policy names and added email verification permission to service-linked role policy
Security assessment
Policy updates include security-related permissions (email verification checks) but no indication of resolving a specific security vulnerability.
Diff
diff --git a/amazonq/latest/qdeveloper-ug/managed-policy.md index cc078ce9b..7f22022ee 100644 --- a/amazonq/latest/qdeveloper-ug/managed-policy.md +++ b/amazonq/latest/qdeveloper-ug/managed-policy.md @@ -5 +5 @@ -AmazonQFullAccessAmazonQDeveloperAccessAWSServiceRoleForAmazonQDeveloperPolicyAWSServiceRoleForUserSubscriptionPolicyPolicy updates +AmazonQFullAccessAmazonQDeveloperAccessAWSServiceRoleForAmazonQDeveloperPolicyAWSServiceRoleForUserSubscriptionsPolicy updates @@ -191 +191 @@ To view this policy in the context of other AWS managed policies, see [AmazonQDe -## AWSServiceRoleForUserSubscriptionPolicy +## AWSServiceRoleForUserSubscriptions @@ -195 +195 @@ This AWS managed policy grants permissions commonly needed to use Amazon Q Devel -You can't attach AWSServiceRoleForUserSubscriptionPolicy to your IAM entities. This policy is attached to [a service-linked role](./using-service-linked-roles.html) that allows Amazon Q to perform actions on your behalf. For more information, see [Using service-linked roles for Amazon Q Developer and User Subscriptions](./using-service-linked-roles.html). +You can't attach AWSServiceRoleForUserSubscriptions to your IAM entities. This policy is attached to [a service-linked role](./using-service-linked-roles.html) that allows Amazon Q to perform actions on your behalf. For more information, see [Using service-linked roles for Amazon Q Developer and User Subscriptions](./using-service-linked-roles.html). @@ -233 +233 @@ This policy includes the following permissions. -To view this policy in the context of other AWS managed policies, see [AWSServiceRoleForUserSubscriptionPolicy](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSServiceRoleForUserSubscriptionPolicy.html). +To view this policy in the context of other AWS managed policies, see [AWSServiceRoleForUserSubscriptions](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSServiceRoleForUserSubscriptions.html). @@ -240,0 +241 @@ Change | Description | Date +AWSServiceRoleForUserSubscriptions \- Updated policy | Allows Amazon Q to discover the email verification status of end users. | February 17, 2025 @@ -248 +249 @@ AmazonQFullAccess \- Updated policy | Additional permissions have been added t -AWSServiceRoleForUserSubscriptionPolicy \- New policy | Allows Amazon Q Subscriptions to automatically update subscriptions from changes in AWS IAM Identity Center, AWS IAM Identity Center directory and AWS Organizations on your behalf. | April 30, 2024 +AWSServiceRoleForUserSubscriptions \- New policy | Allows Amazon Q Subscriptions to automatically update subscriptions from changes in AWS IAM Identity Center, AWS IAM Identity Center directory and AWS Organizations on your behalf. | April 30, 2024