AWS bedrock documentation change
Summary
Fixed typo in 'Third party' to 'Third-party', clarified KMS key requirements for S3 bucket encryption permissions
Security assessment
The KMS clarification emphasizes proper encryption key management practices but doesn't address a specific vulnerability. The change improves security documentation by reinforcing IAM permission requirements for KMS decryption operations.
Diff
diff --git a/bedrock/latest/userguide/fine-tuning-troubleshooting.md b/bedrock/latest/userguide/fine-tuning-troubleshooting.md index d988709e8..62bbc91f0 100644 --- a//bedrock/latest/userguide/fine-tuning-troubleshooting.md +++ b//bedrock/latest/userguide/fine-tuning-troubleshooting.md @@ -5 +5 @@ -Permissions issuesData issuesThird party license terms and policy issuesInternal error +Permissions issuesData issuesThird-party license terms and policy issuesInternal error @@ -15 +15 @@ If you encounter an issue with permissions to access an Amazon S3 bucket, check - 1. If the Amazon S3 bucket uses a CM-KMS key for Server Side encryption, ensure that the IAM role passed to Amazon Bedrock has `kms:Decrypt` permissions for the AWS KMS key. For example, see [Allow a user to enccrypt and decrypt with any AWS KMS key in a specific AWS account](https://docs.aws.amazon.com/kms/latest/developerguide/customer-managed-policies.html#iam-policy-example-encrypt-decrypt-one-account). + 1. If the Amazon S3 bucket uses a customer managed AWS Key Management Service (KMS key) for server-side encryption, ensure that the IAM role passed to Amazon Bedrock has `kms:Decrypt` permissions for the KMS key. For example, see [Allow a user to enccrypt and decrypt with any AWS KMS key in a specific AWS account](https://docs.aws.amazon.com/kms/latest/developerguide/customer-managed-policies.html#iam-policy-example-encrypt-decrypt-one-account). @@ -80 +80 @@ If you encounter an error similar to the preceeding example, make sure that the -## Third party license terms and policy issues +## Third-party license terms and policy issues