AWS Security ChangesHomeSearch

AWS amazon-mq documentation change

Service: amazon-mq · 2025-07-25 · Documentation low

File: amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md

Summary

Added JSON formatting and corrected SourceArn placeholder in CloudWatch Logs policies

Security assessment

While the changes improve policy documentation structure and formatting, the empty SourceArn value appears to be a placeholder update rather than addressing a specific security vulnerability. The modifications enhance security documentation clarity but do not introduce new security controls.

Diff

diff --git a/amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md b/amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md
index e55c4ba79..0f063cdd3 100644
--- a//amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md
+++ b//amazon-mq/latest/developer-guide/configure-logging-monitoring-activemq.md
@@ -61,0 +62,6 @@ The following example [IAM-based policy](https://docs.aws.amazon.com/AmazonCloud
+JSON
+    
+
+****
+    
+    
@@ -96,0 +104,6 @@ The following resource-based policy grants permission for `logs:CreateLogStream`
+JSON
+    
+
+****
+    
+    
@@ -133,0 +148,6 @@ The following example demonstrates a resource-based policy that limits CloudWatc
+JSON
+    
+
+****
+    
+    
@@ -151 +171 @@ The following example demonstrates a resource-based policy that limits CloudWatc
-                                    "aws:SourceArn": "arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9"
+                                    "aws:SourceArn": ""
@@ -159,0 +181,6 @@ You can also configure your resource-based policy to limit CloudWatch Logs acces
+JSON
+    
+
+****
+    
+