AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-04-28 · Documentation low

File: AmazonS3/latest/userguide/s3-tables-integrating-glue-endpoint.md

Summary

Added IAM role creation steps with custom trust policy configuration for AWS Glue endpoint access

Security assessment

The change documents IAM policy configuration, which is a security feature, but does not address a specific security vulnerability.

Diff

diff --git a/AmazonS3/latest/userguide/s3-tables-integrating-glue-endpoint.md b/AmazonS3/latest/userguide/s3-tables-integrating-glue-endpoint.md
index ed328ec80..ed23d236c 100644
--- a//AmazonS3/latest/userguide/s3-tables-integrating-glue-endpoint.md
+++ b//AmazonS3/latest/userguide/s3-tables-integrating-glue-endpoint.md
@@ -68,0 +69,18 @@ To access tables through AWS Glue endpoints, you need to create an IAM role with
+  5. After you create the policy, create an IAM role and choose **Custom trust policy** as the **Trusted entity type**.
+
+  6. Enter the following for the **Custom trust policy**.
+    
+        {
+        "Version": "2012-10-17",
+        "Statement": [
+            {
+                "Effect": "Allow",
+                "Principal": {
+                    "AWS": "arn:aws:iam::<accountid>:role/<Admin_role>"
+                },
+                "Action": "sts:AssumeRole",
+                "Condition": {}
+            }
+        ]
+    }
+