AWS Security ChangesHomeSearch

AWS opensearch-service documentation change

Service: opensearch-service · 2025-03-30 · Documentation medium

File: opensearch-service/latest/developerguide/release-notes.md

Summary

Added note about AmazonOpenSearchServiceRolePolicy update for IAM Identity Center application management

Security assessment

Documents a new managed policy statement enabling OpenSearch to manage IAM Identity Center application access scopes, enhancing security controls without evidence of addressing a specific vulnerability.

Diff

diff --git a/opensearch-service/latest/developerguide/release-notes.md b/opensearch-service/latest/developerguide/release-notes.md
index dd79f0591..4eee52130 100644
--- a/opensearch-service/latest/developerguide/release-notes.md
+++ b/opensearch-service/latest/developerguide/release-notes.md
@@ -31,0 +32 @@ Change| Description| Date
+[The AmazonOpenSearchServiceRolePolicy managed policy was updated](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac-managed.html#ac-managed-updates)| We added a new statement to the policy. When Amazon OpenSearch Service assumes the `AWSServiceRoleForAmazonOpenSearchService` service-linked role, the new statement in the policy enables OpenSearch to update the access scope of any AWS IAM Identity Center application that is only managed by OpenSearch. | March 28, 2025