AWS Security ChangesHomeSearch

AWS xray medium security documentation change

Service: xray · 2025-07-18 · Security-related medium

File: xray/latest/devguide/xray-console-insights.md

Summary

Removed detailed IAM policy example for X-Ray insights access, leaving only API operation references

Security assessment

The removal of explicit IAM policy guidance could lead to insecure configurations if users don't know required permissions for insights access. The original policy demonstrated least-privilege access for security-sensitive X-Ray operations.

Diff

diff --git a/xray/latest/devguide/xray-console-insights.md b/xray/latest/devguide/xray-console-insights.md
index 215662ab6..95d373d78 100644
--- a//xray/latest/devguide/xray-console-insights.md
+++ b//xray/latest/devguide/xray-console-insights.md
@@ -41,21 +41 @@ Insights must be enabled for each group you want to use insights features with.
-X-Ray uses GetInsightSummaries, GetInsight, GetInsightEvents, and GetInsightImpactGraph API operations to retrieve data from insights. To view insights, use the AWSXrayReadOnlyAccess IAM managed policy or add the following custom policy to your IAM role: 
-    
-    
-              {
-                 "Version": "2012-10-17",
-                 "Statement": [
-                     {
-                         "Effect": "Allow",
-                         "Action": [
-                             "xray:GetInsightSummaries",
-                             "xray:GetInsight",
-                             "xray:GetInsightEvents",
-                             "xray:GetInsightImpactGraph"
-                         ],
-                         "Resource": [
-                             "*"
-                         ]
-                     }
-                 ]
-             }
-          
+X-Ray uses GetInsightSummaries, GetInsight, GetInsightEvents, and GetInsightImpactGraph API operations to retrieve data from insights.