AWS redshift documentation change
Summary
Updated ARN format for Redshift Serverless dbuser to include serverless account ID and workgroup ID
Security assessment
Clarifies IAM role authorization format which is part of security configuration, but no evidence of addressing a specific security vulnerability. The change improves documentation of security-related resource naming conventions.
Diff
diff --git a/redshift/latest/mgmt/authorizing-redshift-service-database-users.md index d3312d481..15fd52d1f 100644 --- a/redshift/latest/mgmt/authorizing-redshift-service-database-users.md +++ b/redshift/latest/mgmt/authorizing-redshift-service-database-users.md @@ -15 +15 @@ To permit only specific database users to use an IAM role, take the following st -For Amazon Redshift Serverless use the following ARN format. `arn:aws:redshift:`region`:`account-id`:dbuser:`workgroup-name`/`user-name`` +For Amazon Redshift Serverless use the following ARN format. `arn:aws:redshift:`region`:`account-id`:dbuser:serverless-`account-id`-`workgroup-id`/`user-name``