AWS amazonq documentation change
Summary
Clarified IAM policy scope and added note about IDE/CLI access not requiring IAM permissions
Security assessment
Provides clarification about access control policies but does not address a specific security vulnerability. The note about IDE/CLI access improves security documentation but is informational rather than addressing an active issue.
Diff
diff --git a/amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md b/amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md index f9ce5cb2b..6bff15f1e 100644 --- a//amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md +++ b//amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md @@ -9 +9 @@ Allow users to access Amazon Q with an Amazon Q Developer Pro subscriptionAllow -The following policies allow users to access features of Amazon Q Developer on AWS apps and websites. +The following policies allow users to access features of Amazon Q Developer on AWS apps and websites, including the AWS Management Console, AWS Console Mobile Application, and AWS Documentation site. @@ -12,0 +13,4 @@ For policies that enable administrative access to Amazon Q Developer, see [Admin +###### Note + +Users accessing Amazon Q in the IDE or on the command line don't require IAM permissions. +