AWS amazonq documentation change
Summary
Updated IAM policy resource ARN to include both application and index ARNs
Security assessment
Similar to Oracle change, enhances IAM resource specificity without evidence of fixing a security flaw.
Diff
diff --git a/amazonq/latest/qbusiness-ug/rds-postgresql-iam-role.md b/amazonq/latest/qbusiness-ug/rds-postgresql-iam-role.md index 594cda69e..f0a8ba823 100644 --- a//amazonq/latest/qbusiness-ug/rds-postgresql-iam-role.md +++ b//amazonq/latest/qbusiness-ug/rds-postgresql-iam-role.md @@ -80 +80,4 @@ To connect your data source connector to Amazon Q, you must give Amazon Q an IAM - "Resource": "arn:aws:qbusiness:{{region}}:{{source_account}}:application/{{application_id}}/index/{{index_id}}" + "Resource": [ + "arn:aws:qbusiness:{{region}}:{{source_account}}:application/{{application_id}}", + "arn:aws:qbusiness:{{region}}:{{source_account}}:application/{{application_id}}/index/{{index_id}}" + ]