AWS Security ChangesHomeSearch

AWS amazonq medium security documentation change

Service: amazonq · 2025-07-25 · Security-related medium

File: amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md

Summary

Multiple policy example updates including KMS ARN standardization, region specification, and syntax corrections

Security assessment

Fixes missing comma in action list ('codewhisperer:ListCustomizations') which could lead to invalid IAM policies if copied directly, potentially causing unintended access controls. This addresses a security-adjacent configuration risk.

Diff

diff --git a/amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md b/amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md
index cbb5401e2..67cba190d 100644
--- a//amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md
+++ b//amazonq/latest/qdeveloper-ug/id-based-policy-examples-users.md
@@ -76 +76 @@ JSON
-            "arn:aws:kms:{{region}}:{{account_id}}:key/[[key_id]]"
+                    "arn:aws:kms:us-east-1:{111122223333}:key/[[key_id]]"
@@ -81 +81 @@ JSON
-                    "q.{{region}}.amazonaws.com"
+                            "q.us-east-1.amazonaws.com"
@@ -143 +143 @@ JSON
-            "codewhisperer:ListCustomizations", 
+                    "codewhisperer:ListCustomizations"
@@ -584,2 +584 @@ JSON
-                "Resource": "arn:aws:qdeveloper:AWS-region:AWS-account-ID:plugin/plugin-provider/*"
-                
+                "Resource": "arn:aws:qdeveloper:us-east-1:AWS-account-ID:plugin/plugin-provider/*"