AWS resource-explorer medium security documentation change
Summary
Modified IAM policy examples with invalid action names and resource patterns
Security assessment
Changed actions to invalid format (e.g., ':GetView') and incorrect resource ARN pattern ('arn:aws::*:*:view/*'), creating potential for misconfigured security policies
Diff
diff --git a/resource-explorer/latest/userguide/security_iam_id-based-policy-examples.md b/resource-explorer/latest/userguide/security_iam_id-based-policy-examples.md index cf44580d0..787c8703a 100644 --- a//resource-explorer/latest/userguide/security_iam_id-based-policy-examples.md +++ b//resource-explorer/latest/userguide/security_iam_id-based-policy-examples.md @@ -77,0 +78,6 @@ In this example, you want to grant access to a Resource Explorer view in your AW +JSON + + +**** + + @@ -85,2 +91,2 @@ In this example, you want to grant access to a Resource Explorer view in your AW - "resource-explorer-2:GetView", - "resource-explorer-2:Search" + ":GetView", + ":Search" @@ -88 +94 @@ In this example, you want to grant access to a Resource Explorer view in your AW - "Resource": "arn:aws:resource-explorer-2:*:*:view/*", + "Resource": "arn:aws::*:*:view/*", @@ -109,0 +117,6 @@ Now you're ready to grant permissions to create a view. You can add the statemen +JSON + + +**** + + @@ -116 +129 @@ Now you're ready to grant permissions to create a view. You can add the statemen - "Action": "resource-explorer-2:CreateView", + "Action": ":CreateView",