AWS vpc documentation change
Summary
Added JSON policy examples for cross-account Kinesis delivery roles and trust relationships
Security assessment
Documents secure cross-account access patterns without addressing specific vulnerabilities
Diff
diff --git a/vpc/latest/tgw/flow-logs-kinesis.md b/vpc/latest/tgw/flow-logs-kinesis.md index 5805feb83..307276e71 100644 --- a//vpc/latest/tgw/flow-logs-kinesis.md +++ b//vpc/latest/tgw/flow-logs-kinesis.md @@ -48,0 +49,6 @@ In the source account, create a role that grants the following permissions. In t +JSON + + +**** + + @@ -87,0 +95,6 @@ Ensure that this role has the following trust policy, which allows the log deliv +JSON + + +**** + + @@ -105,0 +120,6 @@ In the destination account, create a role with a name that starts with **AWSLogD +JSON + + +**** + + @@ -122,0 +144,6 @@ Ensure that this role has the following trust policy, which allows the role that +JSON + + +**** + +