AWS datasync documentation change
Summary
Updated service-linked role description to include Secrets Manager access
Security assessment
Documents new security-related capability (secrets management) but does not indicate a security issue being addressed
Diff
diff --git a/datasync/latest/userguide/using-service-linked-roles-service-action-2.md b/datasync/latest/userguide/using-service-linked-roles-service-action-2.md index 055dd7c95..ac8c10552 100644 --- a//datasync/latest/userguide/using-service-linked-roles-service-action-2.md +++ b//datasync/latest/userguide/using-service-linked-roles-service-action-2.md @@ -19 +19 @@ For information about other services that support service-linked roles, see [AWS -DataSync uses the service-linked role named **AWSServiceRoleForDataSync** – Allows DataSync to create Amazon CloudWatch logs for tasks using [Enhanced mode](./choosing-task-mode.html). +DataSync uses the service-linked role named **AWSServiceRoleForDataSync** – Allows DataSync to perform essential operations for transfer task execution, including reading secrets from AWS Secrets Manager, and creating CloudWatch log groups and events.