AWS IAM documentation change
Summary
Added note about VPC endpoint policy access denied errors when accounts mismatch
Security assessment
The change documents a troubleshooting scenario related to access control configuration but doesn't indicate a specific security vulnerability. It enhances security documentation by explaining access denial patterns.
Diff
diff --git a/IAM/latest/UserGuide/troubleshoot_access-denied.md b/IAM/latest/UserGuide/troubleshoot_access-denied.md index 72c397f59..5afccd3dc 100644 --- a/IAM/latest/UserGuide/troubleshoot_access-denied.md +++ b/IAM/latest/UserGuide/troubleshoot_access-denied.md @@ -52,0 +53,2 @@ In this case, Mateo must ask his administrator to update his policies to allow a + * If you're using an [Amazon VPC endpoint policy](https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-access.html) and you get an access denied error that is not logged in AWS CloudTrail, it might be because the VPC endpoint owner account is different from the calling account or target role account. +