AWS Security ChangesHomeSearch

AWS IAM documentation change

Service: IAM · 2025-05-01 · Documentation low

File: IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md

Summary

Refined definition of 'Permissions management' access level to clarify exclusion of network-level controls

Security assessment

Enhances understanding of security policy classifications without addressing specific vulnerabilities

Diff

diff --git a/IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md b/IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md
index 0cfd5e16b..a49bf419d 100644
--- a//IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md
+++ b//IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md
@@ -53 +53 @@ AWS defines the following access level classifications for the actions in a serv
-  * **Permissions management** : Permission to grant or modify resource permissions in the service. For example, most IAM and AWS Organizations actions, as well as actions like the Amazon S3 actions `PutBucketPolicy` and `DeleteBucketPolicy` have the **Permissions management** access level.
+  * **Permissions management** : Permissions management refers to actions that control access within AWS services, including IAM and non-IAM identity permissions, but excludes network-level access controls like security groups. For example, most IAM and AWS Organizations actions, as well as the Amazon S3 actions `PutBucketPolicy` and `DeleteBucketPolicy` have the **Permissions management** access level.