AWS Security ChangesHomeSearch

AWS apigateway high security documentation change

Service: apigateway · 2025-07-04 · Security-related high

File: apigateway/latest/developerguide/how-to-method-settings-console.md

Summary

Modified IAM trust policy example by removing service principal (changed 'apigateway.amazonaws.com' to empty string)

Security assessment

Removing the service principal from an IAM trust relationship creates an invalid policy that could break authentication/authorization mechanisms if copied by users, introducing a security misconfiguration risk

Diff

diff --git a/apigateway/latest/developerguide/how-to-method-settings-console.md b/apigateway/latest/developerguide/how-to-method-settings-console.md
index b78cdd035..b1d18a349 100644
--- a//apigateway/latest/developerguide/how-to-method-settings-console.md
+++ b//apigateway/latest/developerguide/how-to-method-settings-console.md
@@ -126,0 +127,6 @@ To create the IAM role, you can adapt the instructions in [Step 1: Create the AW
+JSON
+    
+
+****
+    
+    
@@ -146,0 +154,6 @@ For the IAM role's trust relationship, specify the following, which enables API
+JSON
+    
+
+****
+    
+    
@@ -154 +167 @@ For the IAM role's trust relationship, specify the following, which enables API
-            "Service": "apigateway.amazonaws.com"
+            "Service": ""