AWS eventbridge medium security documentation change
Summary
Added entry about updated AmazonEventBridgeApiDestinationsServiceRolePolicy restricting Secrets Manager permissions to same account
Security assessment
Explicitly restricts Secrets Manager operations to same account, reducing potential cross-account privilege escalation risks
Diff
diff --git a/eventbridge/latest/userguide/eb-document-history.md b/eventbridge/latest/userguide/eb-document-history.md index ca6d3ac3b..e40c079f6 100644 --- a//eventbridge/latest/userguide/eb-document-history.md +++ b//eventbridge/latest/userguide/eb-document-history.md @@ -8,0 +9,5 @@ Change | Description | Release Date +Updated AmazonEventBridgeApiDestinationsServiceRolePolicy managed policy | Policy now restricts the scope of permissions for Secrets Manager operations to the same account. + + * [Amazon EventBridge updates to AWS managed policies](./eb-use-identity-based.html#eb-use-identity-based-awsmanpol-updates) + +| May 29, 2025