AWS Security ChangesHomeSearch

AWS ARG documentation change

Service: ARG · 2025-05-16 · Documentation low

File: ARG/latest/userguide/security_iam_id-based-policy-examples.md

Summary

Changed IAM policy action from 'resource-groups:ListGroups' to 'resource-groups:GetGroup' in an example policy

Security assessment

The change modifies the allowed action in a policy example but does not address a specific security vulnerability or weakness. It appears to correct or refine permissions without explicit security context.

Diff

diff --git a/ARG/latest/userguide/security_iam_id-based-policy-examples.md b/ARG/latest/userguide/security_iam_id-based-policy-examples.md
index 1bc47ca9c..ca3b5cd3f 100644
--- a//ARG/latest/userguide/security_iam_id-based-policy-examples.md
+++ b//ARG/latest/userguide/security_iam_id-based-policy-examples.md
@@ -123,6 +123 @@ You can use conditions in your identity-based policy to control access to Resour
-                "Action": "resource-groups:ListGroups",
-                "Resource": "arn:aws:resource-groups::region:account_ID:group/group_name"
-            },
-            {
-                "Effect": "Allow",
-                "Action": "resource-groups:ListGroups",
+                "Action": "resource-groups:GetGroup",