AWS IAM documentation change
Summary
Updated archive examples to include internal access findings for S3 buckets
Security assessment
Expanded documentation about archiving findings to include internal access examples. While related to security feature usage, this change doesn't address vulnerabilities but rather enhances documentation of existing security controls.
Diff
diff --git a/IAM/latest/UserGuide/access-analyzer-findings-archive.md b/IAM/latest/UserGuide/access-analyzer-findings-archive.md index a1eb8e4d2..a0573bef1 100644 --- a//IAM/latest/UserGuide/access-analyzer-findings-archive.md +++ b//IAM/latest/UserGuide/access-analyzer-findings-archive.md @@ -7 +7 @@ -When you get a finding for access to a resource that is intentional, you can archive the findings. For example, an external access finding for an IAM role that is used by multiple users for approved workflows or an unused access finding for an access key that may still be necessary. When you archive a finding, it is cleared from active findings list. Archived findings aren't deleted. You can filter the **Findings** page to display your archived findings, and unarchive them at any time. +When you get a finding for access to a resource that is intentional, you can archive the findings. For example, an external or internal access finding for an Amazon S3 bucket that is accessed for approved workflows or an unused access finding for an access key that may still be necessary. When you archive a finding, it is cleared from active findings list. Archived findings aren't deleted. You can filter the **Findings** page to display your archived findings, and unarchive them at any time.