AWS Security ChangesHomeSearch

AWS AmazonCloudWatch documentation change

Service: AmazonCloudWatch · 2025-07-01 · Documentation low

File: AmazonCloudWatch/latest/monitoring/DocumentHistory.md

Summary

Added entry about AIOpsReadOnlyAccess policy update permitting cross-account investigation group validation

Security assessment

The change documents expanded permissions in a managed policy but does not indicate remediation of a security vulnerability. While related to access control, there's no evidence this addresses an existing security weakness.

Diff

diff --git a/AmazonCloudWatch/latest/monitoring/DocumentHistory.md b/AmazonCloudWatch/latest/monitoring/DocumentHistory.md
index 4a7e12917..00664f051 100644
--- a//AmazonCloudWatch/latest/monitoring/DocumentHistory.md
+++ b//AmazonCloudWatch/latest/monitoring/DocumentHistory.md
@@ -10,0 +11 @@ Change| Description| Date
+AIOpsReadOnlyAccess policy updated| CloudWatch updated the **AIOpsReadOnlyAccess** policy to permit validation of investigation groups across accounts. For more information, see [AIOpsReadOnlyAccess policy](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/auth-and-access-control-cw.html#managed-policies-QInvestigations-AIOpsReadOnlyAccess).| June 23, 2025