AWS cognito documentation change
Summary
Added IAM policy requirements for identity pool creation
Security assessment
Documentation of required permissions improves security posture but doesn't address a specific vulnerability
Diff
diff --git a/cognito/latest/developerguide/getting-started-with-identity-pools.md b/cognito/latest/developerguide/getting-started-with-identity-pools.md index dad7e8871..bb18b5c8d 100644 --- a//cognito/latest/developerguide/getting-started-with-identity-pools.md +++ b//cognito/latest/developerguide/getting-started-with-identity-pools.md @@ -41 +41 @@ You can create an identity pool through the Amazon Cognito console, or you can u - 1. Sign in to the [Amazon Cognito console](https://console.aws.amazon.com/cognito/home) and select **Identity pools**. + 1. Sign in to the [Amazon Cognito console](https://console.aws.amazon.com/cognito/home) and select **Identity pools**. To assign permissions to your IAM principal so that they can create and manage Amazon Cognito resources, refer to [AWS managed policies for Amazon Cognito](./security-iam-awsmanpol.html). The `AmazonCognitoPowerUser` policy is sufficient for the creation of identity pools.