AWS systems-manager-automation-runbooks documentation change
Summary
Updated Secrets Manager and EC2 ARNs to specify 'us-east-1' region in IAM policies
Security assessment
Regional specificity in example ARNs improves accuracy but doesn't introduce new security controls or address vulnerabilities.
Diff
diff --git a/systems-manager-automation-runbooks/latest/userguide/automation-aws-postgresqlworkloadreview.md b/systems-manager-automation-runbooks/latest/userguide/automation-aws-postgresqlworkloadreview.md index 0896a7022..7f078d8dc 100644 --- a//systems-manager-automation-runbooks/latest/userguide/automation-aws-postgresqlworkloadreview.md +++ b//systems-manager-automation-runbooks/latest/userguide/automation-aws-postgresqlworkloadreview.md @@ -123 +123 @@ JSON - "Resource": "arn:aws:secretsmanager:region:account id:secret:secret id", + "Resource": "arn:aws:secretsmanager:us-east-1:account id:secret:secret id", @@ -172 +172 @@ JSON - "arn:aws:ec2:region:account id:instance/temporary instance id", + "arn:aws:ec2:us-east-1:account id:instance/temporary instance id", @@ -189 +189 @@ JSON - "Resource": "arn:aws:iam::account id:role/SSM-*", + "Resource": "arn:aws:iam::111122223333:role/SSM-*",