AWS artifact medium security documentation change
Summary
Documented IAM policy changes including removal of artifact:get permission and expanded GovCloud permissions.
Security assessment
Explicit removal of artifact:get permission in managed policy constitutes a security-hardening measure by reducing excessive privileges.
Diff
diff --git a/artifact/latest/ug/doc-history.md b/artifact/latest/ug/doc-history.md index a0690fe1d..3b2f96d78 100644 --- a//artifact/latest/ug/doc-history.md +++ b//artifact/latest/ug/doc-history.md @@ -10,0 +11,2 @@ Change| Description| Date +Fine-grained permissions for AWS Artifact in AWS GovCloud (US) Regions| Updated and expanded policies for using AWS Artifact in AWS GovCloud (US) Regions, while removing notes about limitations as AWS Artifact functionality is now more broadly applicable across all regions.| March 31, 2025 +Updated AWSArtifactReportReadOnlyAccess managed policy| Updated [AWSArtifactReportsReadOnlyAccess](security-iam-awsmanpol.html) managed policy to remove the artifact:get permission.| March 21, 2025