AWS systems-manager documentation change
Summary
Changed session ARN policy variable from ${aws:userid} to ${aws:username}
Security assessment
The variable change adjusts policy structure but lacks evidence of addressing a specific security vulnerability. This appears to be a documentation clarification rather than a security fix.
Diff
diff --git a/systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md b/systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md index 7fa5fb694..3a8f1eb70 100644 --- a//systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md +++ b//systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md @@ -120 +120 @@ Use this sample policy to give users the ability to start and resume sessions fr - "arn:aws:ssm:*:*:session/${aws:userid}-*" + "arn:aws:ssm:*:*:session/${aws:username}-*"