AWS AmazonECS medium security documentation change
Summary
Added 'Principal':'*' to example VPC endpoint policy for Amazon ECS
Security assessment
Adding a wildcard principal in the example policy reduces security by allowing any principal to access the endpoint. This could lead to unintended access if users follow the example without proper restrictions.
Diff
diff --git a/AmazonECS/latest/developerguide/vpc-endpoints.md b/AmazonECS/latest/developerguide/vpc-endpoints.md index ac6c26142..1dcfe203f 100644 --- a//AmazonECS/latest/developerguide/vpc-endpoints.md +++ b//AmazonECS/latest/developerguide/vpc-endpoints.md @@ -167,0 +168 @@ The following is an example of an endpoint policy for Amazon ECS. When attached + "Principal":"*",