AWS Security ChangesHomeSearch

AWS appsync medium security documentation change

Service: appsync · 2025-07-25 · Security-related medium

File: appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md

Summary

Updated Elasticsearch ARNs with 'us-east-1' region and specific account IDs

Security assessment

Regional and account-specific ARNs prevent misconfigured resource access in IAM policies.

Diff

diff --git a/appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md b/appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md
index 56b8c774e..6410481f1 100644
--- a//appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md
+++ b//appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md
@@ -52 +52 @@ JSON
-                    "arn:aws:es:REGION:ACCOUNTNUMBER:domain/democluster/*"
+                    "arn:aws:es:us-east-1:ACCOUNTNUMBER:domain/democluster/*"
@@ -97 +97 @@ JSON
-                "AWS": "arn:aws:iam::ACCOUNTNUMBER:role/service-role/APPSYNC_DATASOURCE_ROLE"
+                    "AWS": "arn:aws:iam::111122223333:role/service-role/APPSYNC_DATASOURCE_ROLE"
@@ -106 +106 @@ JSON
-            "Resource": "arn:aws:es:REGION:ACCOUNTNUMBER:domain/DOMAIN_NAME/*"
+                "Resource": "arn:aws:es:us-east-1:ACCOUNTNUMBER:domain/DOMAIN_NAME/*"