AWS Security ChangesHomeSearch

AWS IAM documentation change

Service: IAM · 2025-07-10 · Documentation high

File: IAM/latest/UserGuide/id_credentials_temp_control-access_disable-perms.md

Summary

Added JSON examples for permission denial policies

Security assessment

Provided example policies for restricting temporary credentials

Diff

diff --git a/IAM/latest/UserGuide/id_credentials_temp_control-access_disable-perms.md b/IAM/latest/UserGuide/id_credentials_temp_control-access_disable-perms.md
index cf679857d..977d9e392 100644
--- a//IAM/latest/UserGuide/id_credentials_temp_control-access_disable-perms.md
+++ b//IAM/latest/UserGuide/id_credentials_temp_control-access_disable-perms.md
@@ -72,0 +73,6 @@ These permissions are the same as those in the AWS managed policy [AWSDenyAll](h
+JSON
+    
+
+****
+    
+    
@@ -127,0 +135,6 @@ You can use condition context key [aws:PrincipalArn](./reference_policies_condit
+JSON
+    
+
+****
+    
+    
@@ -160,0 +175,6 @@ The following policy shows an example of how you can deny access to temporary se
+JSON
+    
+
+****
+    
+    
@@ -201,0 +223,6 @@ The caller-specified role session name, which is part of the unique identifier f
+JSON
+    
+
+****
+    
+    
@@ -231,0 +260,6 @@ When you use the `aws:PrincipalARN` context key, specify the ARN of the IAM user
+JSON
+    
+
+****
+    
+    
@@ -255,0 +291,6 @@ When you use the `aws:SourceIdentity` context key, specify the source identity v
+JSON
+    
+
+****
+    
+