AWS Security ChangesHomeSearch

AWS amazonq documentation change

Service: amazonq · 2025-07-25 · Documentation low

File: amazonq/latest/qdeveloper-ug/security_iam_manage-access-with-kms-policies.md

Summary

Updated example KMS policy with concrete account ID (111122223333) and region-specific service endpoint

Security assessment

Change improves security documentation clarity by using standard AWS example account ID and explicit service endpoint, but does not address a specific vulnerability. Enhances security best practice examples without fixing a known issue.

Diff

diff --git a/amazonq/latest/qdeveloper-ug/security_iam_manage-access-with-kms-policies.md b/amazonq/latest/qdeveloper-ug/security_iam_manage-access-with-kms-policies.md
index db2775ed4..e6beda935 100644
--- a//amazonq/latest/qdeveloper-ug/security_iam_manage-access-with-kms-policies.md
+++ b//amazonq/latest/qdeveloper-ug/security_iam_manage-access-with-kms-policies.md
@@ -33 +33 @@ JSON
-            "AWS": "arn:aws:iam::{{awsAccountId}}:role/{{rolename}}"
+                    "AWS": "arn:aws:iam::111122223333:role/{{rolename}}"
@@ -47 +47 @@ JSON
-              "kms:ViaService": "q.{{region}}.amazonaws.com",
+                        "kms:ViaService": "q.us-east-1.amazonaws.com",