AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-07-25 · Documentation low

File: AmazonS3/latest/userguide/example-policies-s3.md

Summary

Added multiple JSON section dividers and formatting markers throughout the policy examples

Security assessment

Changes consist of formatting additions (JSON markers and section breaks) without modifying security-related content or policies

Diff

diff --git a/AmazonS3/latest/userguide/example-policies-s3.md b/AmazonS3/latest/userguide/example-policies-s3.md
index f15960fc6..91d8706c7 100644
--- a//AmazonS3/latest/userguide/example-policies-s3.md
+++ b//AmazonS3/latest/userguide/example-policies-s3.md
@@ -45,0 +46,6 @@ In addition to granting the `s3:PutObject`, `s3:GetObject`, and `s3:DeleteObject
+JSON
+    
+
+****
+    
+    
@@ -84,0 +92,6 @@ To grant each user access only to their folder, you can write a policy for each
+JSON
+    
+
+****
+    
+    
@@ -106,0 +121,6 @@ Instead of attaching policies to individual users, you can write a single policy
+JSON
+    
+
+****
+    
+    
@@ -130,0 +152,6 @@ If you want to test the preceding policy on the Amazon S3 console, the console r
+JSON
+    
+
+****
+    
+    
@@ -187,0 +216,6 @@ Instead of using usernames, you could create folders based on IAM user IDs. Each
+JSON
+    
+
+****
+    
+    
@@ -217,0 +253,6 @@ Attaching the following policy to the group grants everybody in the group access
+JSON
+    
+
+****
+    
+    
@@ -239,0 +282,6 @@ In this example, you create a group named ``AllUsers``, which contains all the I
+JSON
+    
+
+****
+    
+    
@@ -264,0 +314,6 @@ You want to prevent the ``AnyCompany`` group from doing anything else with the b
+JSON
+    
+
+****
+    
+    
@@ -285,0 +342,6 @@ If you want to ensure that your Amazon S3 principals are accessing only the reso
+JSON
+    
+
+****
+    
+    
@@ -317,0 +381,6 @@ If you have an [organizational unit (OU)](https://docs.aws.amazon.com/organizati
+JSON
+    
+
+****
+    
+    
@@ -351,0 +422,6 @@ In the following example policy, access is denied to Amazon S3 actions unless th
+JSON
+    
+
+****
+    
+    
@@ -381,0 +459,6 @@ The following example identity-based policy grants the `s3:GetAccountPublicAcces
+JSON
+    
+
+****
+    
+    
@@ -408,0 +493,6 @@ For a list of Amazon S3 Regions, see [Regions and Endpoints](https://docs.aws.am
+JSON
+    
+
+****
+    
+    
@@ -432,0 +524,6 @@ The `Deny` statement uses the `StringNotLike` condition. That is, a create bucke
+JSON
+    
+
+****
+    
+