AWS IAM documentation change
Summary
Refined definition of 'Permissions management' access level to clarify exclusion of network-level controls
Security assessment
Enhances understanding of security policy classifications without addressing specific vulnerabilities
Diff
diff --git a/IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md b/IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md index 0cfd5e16b..a49bf419d 100644 --- a//IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md +++ b//IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.md @@ -53 +53 @@ AWS defines the following access level classifications for the actions in a serv - * **Permissions management** : Permission to grant or modify resource permissions in the service. For example, most IAM and AWS Organizations actions, as well as actions like the Amazon S3 actions `PutBucketPolicy` and `DeleteBucketPolicy` have the **Permissions management** access level. + * **Permissions management** : Permissions management refers to actions that control access within AWS services, including IAM and non-IAM identity permissions, but excludes network-level access controls like security groups. For example, most IAM and AWS Organizations actions, as well as the Amazon S3 actions `PutBucketPolicy` and `DeleteBucketPolicy` have the **Permissions management** access level.