AWS IAM documentation change
Summary
Updated Amazon S3 documentation links from 'dev' to 'userguide' path segments in policy examples
Security assessment
Documentation path correction without changes to security policies or security-related content
Diff
diff --git a/IAM/latest/UserGuide/id_roles_create_policy-examples.md b/IAM/latest/UserGuide/id_roles_create_policy-examples.md index 50b979447..ca20824d7 100644 --- a//IAM/latest/UserGuide/id_roles_create_policy-examples.md +++ b//IAM/latest/UserGuide/id_roles_create_policy-examples.md @@ -57 +57 @@ The following example shows a policy that can be attached to a role. The policy -In this example, account A uses a resource-based policy (an Amazon S3 [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucketPolicies.html)) to grant account B full access to account A's S3 bucket. Then account B creates an IAM user policy to delegate that access to account A's bucket to one of the users in account B. +In this example, account A uses a resource-based policy (an Amazon S3 [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingBucketPolicies.html)) to grant account B full access to account A's S3 bucket. Then account B creates an IAM user policy to delegate that access to account A's bucket to one of the users in account B. @@ -76 +76 @@ The S3 bucket policy in account A might look like the following policy. In this -Alternatively, account A can use Amazon S3 [Access Control Lists (ACLs)](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) to grant account B access to an S3 bucket or a single object within a bucket. In that case, the only thing that changes is how account A grants access to account B. Account B still uses a policy to delegate access to an IAM group in account B, as described in the next part of this example. For more information about controlling access on S3 buckets and objects, go to [Access Control](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAuthAccess.html) in the _Amazon Simple Storage Service User Guide_. +Alternatively, account A can use Amazon S3 [Access Control Lists (ACLs)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3_ACLs_UsingACLs.html) to grant account B access to an S3 bucket or a single object within a bucket. In that case, the only thing that changes is how account A grants access to account B. Account B still uses a policy to delegate access to an IAM group in account B, as described in the next part of this example. For more information about controlling access on S3 buckets and objects, go to [Access Control](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingAuthAccess.html) in the _Amazon Simple Storage Service User Guide_.