AWS opensearch-service documentation change
Summary
Added note about AmazonOpenSearchServiceRolePolicy update for IAM Identity Center application management
Security assessment
Documents a new managed policy statement enabling OpenSearch to manage IAM Identity Center application access scopes, enhancing security controls without evidence of addressing a specific vulnerability.
Diff
diff --git a/opensearch-service/latest/developerguide/release-notes.md b/opensearch-service/latest/developerguide/release-notes.md index dd79f0591..4eee52130 100644 --- a/opensearch-service/latest/developerguide/release-notes.md +++ b/opensearch-service/latest/developerguide/release-notes.md @@ -31,0 +32 @@ Change| Description| Date +[The AmazonOpenSearchServiceRolePolicy managed policy was updated](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac-managed.html#ac-managed-updates)| We added a new statement to the policy. When Amazon OpenSearch Service assumes the `AWSServiceRoleForAmazonOpenSearchService` service-linked role, the new statement in the policy enables OpenSearch to update the access scope of any AWS IAM Identity Center application that is only managed by OpenSearch. | March 28, 2025