AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2025-07-16 · Documentation medium

File: prescriptive-guidance/latest/privacy-reference-architecture/require-access-from-specific-ip-addresses.md

Summary

Removed IAM policy enforcing IP restrictions for role assumption

Security assessment

Deleted network security example without evidence of addressing a specific vulnerability

Diff

diff --git a/prescriptive-guidance/latest/privacy-reference-architecture/require-access-from-specific-ip-addresses.md b/prescriptive-guidance/latest/privacy-reference-architecture/require-access-from-specific-ip-addresses.md
index db604199b..18d362fc3 100644
--- a//prescriptive-guidance/latest/privacy-reference-architecture/require-access-from-specific-ip-addresses.md
+++ b//prescriptive-guidance/latest/privacy-reference-architecture/require-access-from-specific-ip-addresses.md
@@ -13,28 +12,0 @@ This policy allows the `john_stiles` user to assume IAM roles only if the call i
-    {
-      "Version": "2012-10-17",
-      "Statement": [
-        {
-          "Effect": "Allow",
-          "Principal": {
-            "AWS": "arn:aws:iam::account-id:user/john_stiles"
-          },
-          "Action": "sts:AssumeRole"
-        },
-        {
-          "Effect": "Deny",
-          "Principal": {
-            "AWS": "arn:aws:iam::account-id:user/john_stiles"
-          },
-          "Action": "sts:AssumeRole",
-          "Condition": {
-            "NotIpAddress": {
-              "aws:SourceIp": [
-                "192.0.2.0/24",
-                "203.0.113.0/24"
-              ]
-            }
-          }
-        }
-      ]
-    }
-