AWS Security ChangesHomeSearch

AWS IAM documentation change

Service: IAM · 2025-03-23 · Documentation low

File: IAM/latest/UserGuide/troubleshoot_access-denied.md

Summary

Added note about VPC endpoint policy access denied errors when accounts mismatch

Security assessment

The change documents a troubleshooting scenario related to access control configuration but doesn't indicate a specific security vulnerability. It enhances security documentation by explaining access denial patterns.

Diff

diff --git a/IAM/latest/UserGuide/troubleshoot_access-denied.md b/IAM/latest/UserGuide/troubleshoot_access-denied.md
index 72c397f59..5afccd3dc 100644
--- a/IAM/latest/UserGuide/troubleshoot_access-denied.md
+++ b/IAM/latest/UserGuide/troubleshoot_access-denied.md
@@ -52,0 +53,2 @@ In this case, Mateo must ask his administrator to update his policies to allow a
+  * If you're using an [Amazon VPC endpoint policy](https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-access.html) and you get an access denied error that is not logged in AWS CloudTrail, it might be because the VPC endpoint owner account is different from the calling account or target role account.
+