AWS braket documentation change
Summary
Added account-based condition to restrict S3 permissions in AmazonBraketFullAccess policy
Security assessment
Introduces a security control to limit S3 access to same-account resources, improving security posture without evidence of addressing a specific vulnerability
Diff
diff --git a/braket/latest/developerguide/about-amazonbraketfullaccess.md index 08f8f3646..5522db88f 100644 --- a/braket/latest/developerguide/about-amazonbraketfullaccess.md +++ b/braket/latest/developerguide/about-amazonbraketfullaccess.md @@ -46 +46,6 @@ The **AmazonBraketFullAccess** policy grants permissions for Amazon Braket opera - "Resource": "arn:aws:s3:::amazon-braket-*" + "Resource": "arn:aws:s3:::amazon-braket-*", + "Condition": { + "StringEquals": { + "aws:ResourceAccount": "${aws:PrincipalAccount}" + } + }