AWS AmazonS3 documentation change
Summary
Added documentation for RenameObject API authorization requirements
Security assessment
The update clarifies required permissions for the RenameObject API but does not address a specific security vulnerability. It enhances authorization documentation for a specific S3 Express operation.
Diff
diff --git a/AmazonS3/latest/userguide/s3-express-authenticating-authorizing.md b/AmazonS3/latest/userguide/s3-express-authenticating-authorizing.md index 4dd450819..54535ca32 100644 --- a//AmazonS3/latest/userguide/s3-express-authenticating-authorizing.md +++ b//AmazonS3/latest/userguide/s3-express-authenticating-authorizing.md @@ -43,0 +44 @@ API | Endpoint type | IAM action | Cross-account access +`RenameObject` | Zonal | `s3express:CreateSession` | No