AWS Security ChangesHomeSearch

AWS acm documentation change

Service: acm · 2025-06-28 · Documentation low

File: acm/latest/userguide/security-iam-awsmanpol.md

Summary

Replaced inline IAM policy JSON with links to AWS managed policies

Security assessment

Documentation restructuring for maintainability without altering security policies or recommendations

Diff

diff --git a/acm/latest/userguide/security-iam-awsmanpol.md b/acm/latest/userguide/security-iam-awsmanpol.md
index a21d5c778..a92d61da4 100644
--- a//acm/latest/userguide/security-iam-awsmanpol.md
+++ b//acm/latest/userguide/security-iam-awsmanpol.md
@@ -21,17 +20,0 @@ This policy provides read–only access to ACM certificates; it allows users to
-    
-    {
-    "Version":"2012-10-17",
-    "Statement":{
-        "Effect":"Allow",
-        "Action":[
-            "acm:DescribeCertificate",
-            "acm:ListCertificates",
-            "acm:GetCertificate",
-            "acm:ListTagsForCertificate",
-            "acm:GetAccountConfiguration"
-        ],
-        "Resource":"*"
-    }
-    }
-            
-
@@ -39,0 +23,2 @@ To view this AWS managed policy in the console, go to [https://console.aws.amazo
+For a JSON listing of the policy details, see [AWSCertificateManagerReadOnly](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSCertificateManagerReadOnly.html).
+
@@ -44,34 +28,0 @@ This policy provides full access to all ACM actions and resources.
-    
-    {
-    "Version":"2012-10-17",
-    "Statement":[
-        {
-            "Effect":"Allow",
-            "Action":[
-                "acm:*"
-            ],
-            "Resource":"*"
-        },
-        {
-            "Effect":"Allow",
-            "Action":"iam:CreateServiceLinkedRole",
-            "Resource":"arn:aws:iam::*:role/aws-service-role/acm.amazonaws.com/AWSServiceRoleForCertificateManager*",
-            "Condition":{
-                "StringEquals":{
-                    "iam:AWSServiceName":"acm.amazonaws.com"
-                }
-            }
-        },
-        {
-            "Effect":"Allow",
-            "Action":[
-                "iam:DeleteServiceLinkedRole",
-                "iam:GetServiceLinkedRoleDeletionStatus",
-                "iam:GetRole"
-            ],
-            "Resource":"arn:aws:iam::*:role/aws-service-role/acm.amazonaws.com/AWSServiceRoleForCertificateManager*"
-        }
-        ]
-    }
-            
-
@@ -79,0 +31,2 @@ To view this AWS managed policy in the console, go to [https://console.aws.amazo
+For a JSON listing of the policy details, see [AWSCertificateManagerFullAccess](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSCertificateManagerFullAccess.html).
+