AWS AmazonS3 documentation change
Summary
Added JSON code block markers, modified resource ARNs in example policies to use wildcards
Security assessment
Changed example policy resource ARNs from specific buckets to wildcards ('arn:aws:s3:::/*'). While broad permissions could introduce risks, this appears to be a documentation example generalization rather than a direct security fix.
Diff
diff --git a/AmazonS3/latest/userguide/access-management.md b/AmazonS3/latest/userguide/access-management.md index 7bc044c04..95d9bcb38 100644 --- a//AmazonS3/latest/userguide/access-management.md +++ b//AmazonS3/latest/userguide/access-management.md @@ -152,0 +153,6 @@ The following is an example bucket policy. You express the bucket policy by usin +JSON + + +**** + + @@ -164 +170 @@ The following is an example bucket policy. You express the bucket policy by usin - "Resource":["arn:aws:s3:::amzn-s3-demo-bucket1/*"] + "Resource":["arn:aws:s3:::/*"] @@ -175,0 +183,6 @@ The following is an example of an identity-based policy. The example policy allo +JSON + + +**** + + @@ -191,2 +204,2 @@ The following is an example of an identity-based policy. The example policy allo - "arn:aws:s3:::amzn-s3-demo-bucket1/*", - "arn:aws:s3:::amzn-s3-demo-bucket1" + "arn:aws:s3:::/*", + "arn:aws:s3:::"