AWS amazonq medium security documentation change
Summary
Multiple policy example updates including KMS ARN standardization, region specification, and syntax corrections
Security assessment
Fixes missing comma in action list ('codewhisperer:ListCustomizations') which could lead to invalid IAM policies if copied directly, potentially causing unintended access controls. This addresses a security-adjacent configuration risk.
Diff
diff --git a/amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md b/amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md index cbb5401e2..67cba190d 100644 --- a//amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md +++ b//amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md @@ -76 +76 @@ JSON - "arn:aws:kms:{{region}}:{{account_id}}:key/[[key_id]]" + "arn:aws:kms:us-east-1:{111122223333}:key/[[key_id]]" @@ -81 +81 @@ JSON - "q.{{region}}.amazonaws.com" + "q.us-east-1.amazonaws.com" @@ -143 +143 @@ JSON - "codewhisperer:ListCustomizations", + "codewhisperer:ListCustomizations" @@ -584,2 +584 @@ JSON - "Resource": "arn:aws:qdeveloper:AWS-region:AWS-account-ID:plugin/plugin-provider/*" - + "Resource": "arn:aws:qdeveloper:us-east-1:AWS-account-ID:plugin/plugin-provider/*"