AWS amazon-mq documentation change
Summary
Added JSON formatting and corrected SourceArn placeholder in CloudWatch Logs policies
Security assessment
While the changes improve policy documentation structure and formatting, the empty SourceArn value appears to be a placeholder update rather than addressing a specific security vulnerability. The modifications enhance security documentation clarity but do not introduce new security controls.
Diff
diff --git a/amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md b/amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md index e55c4ba79..0f063cdd3 100644 --- a//amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md +++ b//amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md @@ -61,0 +62,6 @@ The following example [IAM-based policy](https://docs.aws.amazon.com/AmazonCloud +JSON + + +**** + + @@ -96,0 +104,6 @@ The following resource-based policy grants permission for `logs:CreateLogStream` +JSON + + +**** + + @@ -133,0 +148,6 @@ The following example demonstrates a resource-based policy that limits CloudWatc +JSON + + +**** + + @@ -151 +171 @@ The following example demonstrates a resource-based policy that limits CloudWatc - "aws:SourceArn": "arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9" + "aws:SourceArn": "" @@ -159,0 +181,6 @@ You can also configure your resource-based policy to limit CloudWatch Logs acces +JSON + + +**** + +