AWS AWSEC2 documentation change
Summary
Updated launch template ARN examples with concrete region and account ID
Security assessment
Documentation formatting improvement for example resources. No security impact.
Diff
diff --git a/AWSEC2/latest/UserGuide/permissions-for-launch-templates.md b/AWSEC2/latest/UserGuide/permissions-for-launch-templates.md index 3b9bb5c8f..fa1fabf15 100644 --- a//AWSEC2/latest/UserGuide/permissions-for-launch-templates.md +++ b//AWSEC2/latest/UserGuide/permissions-for-launch-templates.md @@ -76 +76 @@ For resource-creating actions that apply tags, users must have the `ec2:CreateTa - "Resource": "arn:aws:ec2:region:account-id:launch-template/*", + "Resource": "arn:aws:ec2:us-east-1:111122223333:launch-template/*", @@ -144 +144 @@ A launch template has the following ARN. - "Resource": "arn:aws:ec2:region:account-id:launch-template/lt-09477bcd97b0d310e" + "Resource": "arn:aws:ec2:us-east-1:111122223333:launch-template/lt-09477bcd97b0d310e" @@ -235 +235 @@ You can use condition keys to limit tagging permissions when the resource is a l - "Resource": "arn:aws:ec2:region:account-id:launch-template/*", + "Resource": "arn:aws:ec2:us-east-1:111122223333:launch-template/*",