AWS amazonq documentation change
Summary
Expanded IAM policy Resource field to include both application and application/index ARNs
Security assessment
The change appears to broaden resource coverage in IAM policies but doesn't address any specific security vulnerability or add new security documentation. It's a routine policy syntax update.
Diff
diff --git a/amazonq/latest/qbusiness-ug/alfresco-server-iam-role.md b/amazonq/latest/qbusiness-ug/alfresco-server-iam-role.md index 584ecb183..009445ccf 100644 --- a//amazonq/latest/qbusiness-ug/alfresco-server-iam-role.md +++ b//amazonq/latest/qbusiness-ug/alfresco-server-iam-role.md @@ -80 +80,4 @@ To connect your data source connector to Amazon Q, you must give Amazon Q an IAM - "Resource": "arn:aws:qbusiness:{{region}}:{{source_account}}:application/{{application_id}}/index/{{index_id}}" + "Resource": [ + "arn:aws:qbusiness:{{region}}:{{source_account}}:application/{{application_id}}", + "arn:aws:qbusiness:{{region}}:{{source_account}}:application/{{application_id}}/index/{{index_id}}" + ]