AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-04-01 · Documentation low

File: AmazonS3/latest/userguide/access-points-policies.md

Summary

Updated IAM policy documentation to explicitly reference general purpose buckets. Modified section titles and example references to match scope.

Security assessment

Changes refine existing security documentation context but do not introduce new security features or address vulnerabilities. Focus is on clarifying applicability to specific bucket types.

Diff

diff --git a/AmazonS3/latest/userguide/access-points-policies.md b/AmazonS3/latest/userguide/access-points-policies.md
index 74c888363..78b5e6c59 100644
--- a/AmazonS3/latest/userguide/access-points-policies.md
+++ b/AmazonS3/latest/userguide/access-points-policies.md
@@ -5 +5 @@
-Access point policy examplesCondition keysDelegating access control to access pointsGranting permissions for cross-account access points
+Policy examples for access points for general purpose bucketsCondition keysDelegating access control to access pointsGranting permissions for cross-account access points
@@ -7 +7 @@ Access point policy examplesCondition keysDelegating access control to access po
-# Configuring IAM policies for using access points
+# Configuring IAM policies for using access points for general purpose buckets
@@ -9 +9 @@ Access point policy examplesCondition keysDelegating access control to access po
-Amazon S3 access points support AWS Identity and Access Management (IAM) resource policies that allow you to control the use of the access point by resource, user, or other conditions. For an application or user to be able to access objects through an access point, both the access point and the underlying bucket must permit the request.
+Amazon S3 access points for general purpose buckets support AWS Identity and Access Management (IAM) resource policies that allow you to control the use of the access point by resource, user, or other conditions. For an application or user to be able to access objects through an access point, both the access point and the underlying bucket must permit the request.
@@ -19 +19 @@ To learn more about validating policies by using IAM Access Analyzer, see [IAM A
-## Access point policy examples
+## Policy examples for access points for general purpose buckets
@@ -21 +21 @@ To learn more about validating policies by using IAM Access Analyzer, see [IAM A
-The following examples demonstrate how to create IAM policies to control requests made through an access point.
+The following examples demonstrate how to create IAM policies to control requests made through an access point for general purpose buckets.
@@ -183 +183 @@ Before using a statement like the one shown in this example, make sure that you
-S3 access points have condition keys that you can use in IAM policies to control access to your resources. The following condition keys represent only part of an IAM policy. For full policy examples, see Access point policy examples, Delegating access control to access points, and Granting permissions for cross-account access points. 
+S3 access points for general purpose buckets have condition keys that you can use in IAM policies to control access to your resources. The following condition keys represent only part of an IAM policy. For full policy examples, see Policy examples for access points for general purpose buckets, Delegating access control to access points, and Granting permissions for cross-account access points.