AWS appstream2 medium security documentation change
Summary
Updated SAML policy ARNs with specific account IDs and regions
Security assessment
Hardcoded account IDs (e.g., '111122223333') prevent misconfiguration in federated access policies, reducing risk of unauthorized access.
Diff
diff --git a/appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md b/appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md index 53b9e432e..a5c27bd08 100644 --- a//appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md +++ b//appstream2/latest/developerguide/external-identity-providers-setting-up-saml.md @@ -107 +107 @@ JSON - "Federated": "arn:aws:iam::ACCOUNT-ID-WITHOUT-HYPHENS:saml-provider/IDENTITY-PROVIDER" + "Federated": "arn:aws:iam::111122223333:saml-provider/IDENTITY-PROVIDER" @@ -151 +150 @@ JSON - "Resource": "arn:aws:appstream:REGION-CODE:ACCOUNT-ID-WITHOUT-HYPHENS:stack/STACK-NAME", + "Resource": "arn:aws:appstream:us-east-1:ACCOUNT-ID-WITHOUT-HYPHENS:stack/STACK-NAME",