AWS lambda documentation change
Summary
Simplified instructions by removing redundant details about execution role permissions and environment variables. Removed mention of AWSLambdaExecute policy in CLI prompts.
Security assessment
While the change removes some implementation details, core security requirements (s3:PutObject permission and environment variables) remain documented. No evidence of addressing a security vulnerability - appears to be documentation cleanup.
Diff
diff --git a/lambda/latest/dg/csharp-handler.md b/lambda/latest/dg/csharp-handler.md index 67e9ec647..839aa3357 100644 --- a//lambda/latest/dg/csharp-handler.md +++ b//lambda/latest/dg/csharp-handler.md @@ -196,5 +196 @@ By default, the generated `aws-lambda-tools-defaults.json` file doesn't contain -For this function to work properly, its [execution role](./lambda-intro-execution-role.html) must allow the `s3:PutObject` action. If you're using the `dotnet lambda deploy-function` command (i.e. `dotnet lambda deploy-function ExampleCS`), the `AWSLambdaExecute` policy in the CLI prompts contain the necessary permissions for you to invoke this function successfully. - -Also, ensure that - -Finally, ensure that you define the `RECEIPT_BUCKET` environment variable. After a successful invocation, the Amazon S3 bucket should contain a receipt file. +For this function to work properly, its [execution role](./lambda-intro-execution-role.html) must allow the `s3:PutObject` action. Also, ensure that you define the `RECEIPT_BUCKET` environment variable. After a successful invocation, the Amazon S3 bucket should contain a receipt file.