AWS IAM documentation change
Summary
Added PowerShell V5 example for deleting OIDC provider with trust policy warning
Security assessment
Highlights security consideration about updating roles' trust policies after provider deletion, but doesn't address a specific vulnerability
Diff
diff --git a/IAM/latest/UserGuide/iam_example_iam_DeleteOpenIdConnectProvider_section.md b/IAM/latest/UserGuide/iam_example_iam_DeleteOpenIdConnectProvider_section.md index 916de240e..232619192 100644 --- a//IAM/latest/UserGuide/iam_example_iam_DeleteOpenIdConnectProvider_section.md +++ b//IAM/latest/UserGuide/iam_example_iam_DeleteOpenIdConnectProvider_section.md @@ -49,0 +50,14 @@ PowerShell +**Tools for PowerShell V5** + + +**Example 1: This example deletes the IAM OIDC provider that connects to the provider`example.oidcprovider.com`. Ensure that you update or delete any roles that reference this provider in the `Principal` element of the role's trust policy.** + + + Remove-IAMOpenIDConnectProvider -OpenIDConnectProviderArn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com + + + * For API details, see [DeleteOpenIdConnectProvider](https://docs.aws.amazon.com/powershell/v5/reference) in _AWS Tools for PowerShell Cmdlet Reference (V5)_. + + + +