AWS AmazonCloudWatch high security documentation change
Summary
Added JSON formatting to confused deputy prevention example policy
Security assessment
The example policy includes explicit security controls (aws:SourceArn condition) to prevent confused deputy attacks, directly addressing a security vulnerability pattern.
Diff
diff --git a/AmazonCloudWatch/latest/monitoring/security-iam-cwim-confused-deputy.md b/AmazonCloudWatch/latest/monitoring/security-iam-cwim-confused-deputy.md index d4da22691..6d5fccfd1 100644 --- a//AmazonCloudWatch/latest/monitoring/security-iam-cwim-confused-deputy.md +++ b//AmazonCloudWatch/latest/monitoring/security-iam-cwim-confused-deputy.md @@ -22,0 +23,6 @@ The following is an example of an assume role policy that shows how you can prev +JSON + + +**** + +