AWS controltower documentation change
Summary
Updated quotation marks and apostrophe formatting in documentation about RCP-based controls and IAM exemptions
Security assessment
The changes are purely typographical (straight vs. curly quotes/apostrophes) with no substantive content modifications. The security-related content about RCP controls and IAM exemptions remains unchanged in meaning. No new security information was added or vulnerabilities addressed.
Diff
diff --git a/controltower/latest/userguide/2024-all.md b/controltower/latest/userguide/2024-all.md index 2216eaef0..49201adf6 100644 --- a//controltower/latest/userguide/2024-all.md +++ b//controltower/latest/userguide/2024-all.md @@ -124 +124 @@ AWS Control Tower offers a new type of preventive control, implemented with reso -For example, you can enable RCP-based controls for Amazon S3, AWS Security Token Service, AWS Key Management Service, Amazon SQS, and AWS Secrets Manager services. An RCP-based control can enforce a requirement such as “Require that the organization's Amazon S3 resources are accessible only by IAM principals that belong to the organization, or by an AWS service,” regardless of the permissions granted on individual bucket policies. +For example, you can enable RCP-based controls for Amazon S3, AWS Security Token Service, AWS Key Management Service, Amazon SQS, and AWS Secrets Manager services. An RCP-based control can enforce a requirement such as "Require that the organization's Amazon S3 resources are accessible only by IAM principals that belong to the organization, or by an AWS service," regardless of the permissions granted on individual bucket policies. @@ -126 +126 @@ For example, you can enable RCP-based controls for Amazon S3, AWS Security Token -You can configure the new RCP-based controls, and certain existing SCP-based preventive controls, to specify AWS IAM exemptions for principals and resources. If you don’t want a principal or a resource to be governed by the control, you can configure an exemption. +You can configure the new RCP-based controls, and certain existing SCP-based preventive controls, to specify AWS IAM exemptions for principals and resources. If you don't want a principal or a resource to be governed by the control, you can configure an exemption.