AWS fis medium security documentation change
Summary
Modified IAM policy statement by emptying the iam:AWSServiceName value and added JSON formatting
Security assessment
The change removes the required 'fis.amazonaws.com' service name from an IAM policy example. This could lead to misconfigured service-linked roles, potentially allowing unauthorized access if replicated without correction. The empty service name violates IAM policy syntax requirements.
Diff
diff --git a/fis/latest/userguide/using-service-linked-roles.md b/fis/latest/userguide/using-service-linked-roles.md index 6cb4aca6c..486872a1b 100644 --- a//fis/latest/userguide/using-service-linked-roles.md +++ b//fis/latest/userguide/using-service-linked-roles.md @@ -31,0 +32,6 @@ You must configure permissions to allow an IAM entity (such as a user, group, or +JSON + + +**** + + @@ -42 +48 @@ You must configure permissions to allow an IAM entity (such as a user, group, or - "iam:AWSServiceName": "fis.amazonaws.com" + "iam:AWSServiceName": ""