AWS Security ChangesHomeSearch

AWS datazone documentation change

Service: datazone · 2025-05-31 · Documentation low

File: datazone/latest/userguide/security-authorization.md

Summary

Removed reference to 'define data subscription approvers' in authorization model

Security assessment

Documentation edit removing a specific capability description without security context or vulnerability indication

Diff

diff --git a/datazone/latest/userguide/security-authorization.md b/datazone/latest/userguide/security-authorization.md
index 9cdd4a9ed..65acc4eb4 100644
--- a//datazone/latest/userguide/security-authorization.md
+++ b//datazone/latest/userguide/security-authorization.md
@@ -23 +23 @@ The Amazon DataZone data portal authorization model is a hierarchical ACL with s
-Within this authorization model, Amazon DataZone allows users to manage user and group permissions. Users manage project membership, request membership to projects, and approve memberships. Users publish data, define data subscription approvers, subscribe to data, and approve subscriptions. 
+Within this authorization model, Amazon DataZone allows users to manage user and group permissions. Users manage project membership, request membership to projects, and approve memberships. Users publish data, subscribe to data, and approve subscriptions. 
@@ -29 +29 @@ Users perform data analytics in specific projects when their data portal client
-Once a user is authenticated, the authenticated context maps to a user profile ID. This user profile can have multiple, different associations (project owner, domain administrator, etc.) which is used for authorizing users. Each association (for example, project owner, domain administrator, etc.) has permissions for certain activities based on the context. For example, a user that has a domain admin association can create additional domains, can assign other domain administrators to the domain, and can create project templates within their domain. A project owner can add or remove project members for their project, they can create publishing agreements with a domain, and publish assets to a domain.
+Once a user is authenticated, the authenticated context maps to a user profile ID. This user profile can have multiple, different associations (project owner, domain administrator, etc.) which is used for authorizing users. Each association (for example, project owner, domain administrator, etc.) has permissions for certain activities based on the context. For example, a user that has a domain admin association can create additional domains, can assign other domain administrators to the domain, and can create project templates within their domain. A project owner can add or remove project members for their project, and publish assets to a domain.