AWS organizations documentation change
Summary
Updated document history to reflect new IAM actions (GetAccountInformation, PutAccountName) in AWSOrganizationsFullAccess policy
Security assessment
Documents expanded IAM permissions for account name management, which relates to access control (a security feature), but does not indicate a resolved security vulnerability.
Diff
diff --git a/organizations/latest/userguide/document-history.md b/organizations/latest/userguide/document-history.md index d42a51477..4b2d8a16c 100644 --- a//organizations/latest/userguide/document-history.md +++ b//organizations/latest/userguide/document-history.md @@ -11 +11 @@ The following table describes major documentation updates for AWS Organizations. - * Latest documentation update: January 24, 2025 + * Latest documentation update: April 22, 2025 @@ -17,0 +18 @@ Change| Description| Date +[Updated the AWSOrganizationsFullAccess managed policy](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_available-policies.html#ref-iam-managed-policies-updates)| Added the `account:GetAccountInformation` action to enable access to view the account name of any account in an organization and the `account:PutAccountName` action to enable access to modify any account name in an organization.| April 22, 2025 @@ -40 +41 @@ Scenario-driven content updates| The AWS Organizations documentation was updated -[Organizations managed policy updates - Update to an existing policy](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_available-policies.html)| Updated the AWSOrganizationsFullAccess and AWSOrganizationsReadOnlyAccess managed policies to allow account API permissions required to update or view account alternate contacts via the AWS Organizations console. | February 7, 2022 +[Organizations managed policy updates - Update to an existing policy](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_available-policies.html#ref-iam-managed-policies-updates)| Updated the AWSOrganizationsFullAccess and AWSOrganizationsReadOnlyAccess managed policies to allow account API permissions required to update or view account alternate contacts via the AWS Organizations console. | February 7, 2022