AWS Security ChangesHomeSearch

AWS AmazonRDS documentation change

Service: AmazonRDS · 2025-08-10 · Documentation low

File: AmazonRDS/latest/UserGuide/zero-etl.creating-smlh.md

Summary

Updated IAM policy examples with concrete account ID (111122223333), standardized JSON formatting, and corrected policy statement IDs

Security assessment

Changes involve documentation formatting improvements and example standardization (using placeholder replacement with 111122223333). While IAM policies are security-related, there's no evidence of addressing a specific vulnerability or weakness. The updates improve clarity but don't introduce new security controls.

Diff

diff --git a/AmazonRDS/latest/UserGuide/zero-etl.creating-smlh.md b/AmazonRDS/latest/UserGuide/zero-etl.creating-smlh.md
index e5e03d505..b421c8f2c 100644
--- a//AmazonRDS/latest/UserGuide/zero-etl.creating-smlh.md
+++ b//AmazonRDS/latest/UserGuide/zero-etl.creating-smlh.md
@@ -87,0 +88,6 @@ The role must have the following permissions, which allow the user to view avail
+JSON
+    
+
+****
+    
+    
@@ -105,0 +113,6 @@ The role must have the following trust policy, which specifies the target accoun
+JSON
+    
+
+****
+    
+    
@@ -113 +126 @@ The role must have the following trust policy, which specifies the target accoun
-                "AWS": "arn:aws:iam::{external-account-id}:root"
+                "AWS": "arn:aws:iam::111122223333:root"
@@ -161,0 +176,6 @@ Modifying DB parameters requires a reboot. Before you can create the integration
+JSON
+    
+
+****
+    
+        
@@ -170,2 +190,2 @@ Modifying DB parameters requires a reboot. Before you can create the integration
-                        "arn:aws:glue:region:account-id:catalog/*",
-                        "arn:aws:glue:region:account-id:catalog"
+                        "arn:aws:glue:us-east-1:111122223333:catalog/*",
+                        "arn:aws:glue:us-east-1:111122223333:catalog"
@@ -178,0 +200,6 @@ The target IAM role must have the following trust relationship:
+JSON
+    
+
+****
+    
+        
@@ -292,0 +321,6 @@ The following sample policy demonstrates how to provide the required permissions
+JSON
+    
+
+****
+    
+    
@@ -299 +333 @@ The following sample policy demonstrates how to provide the required permissions
-                "Sid": "Enables IAM user permissions",
+                "Sid": "EnablesIAMUserPermissions",
@@ -302 +336 @@ The following sample policy demonstrates how to provide the required permissions
-                    "AWS": "arn:aws:iam::{account-ID}:root"
+                "AWS": "arn:aws:iam::111122223333:root"
@@ -308 +342 @@ The following sample policy demonstrates how to provide the required permissions
-                "Sid": "Allows the Glue service principal to add a grant to an AWS KMS key",
+                "Sid": "AllowsGlueServicePrincipalAddGrantAWS KMSKey",
@@ -329 +363 @@ The following sample policy demonstrates how to provide the required permissions
-                "Sid": "Allows the current user or role to add a grant to a KMS key",
+                "Sid": "AllowsCurrentUserRoleAddGrantKMSKey",
@@ -332 +366 @@ The following sample policy demonstrates how to provide the required permissions
-                    "AWS": "arn:aws:iam::{account-ID}:role/{role-name}"
+                "AWS": "arn:aws:iam::111122223333:role/{role-name}"
@@ -351 +385 @@ The following sample policy demonstrates how to provide the required permissions
-                "Sid": "Allows the current uer or role to retrieve information about a KMS key",
+                "Sid": "AllowsCurrentUserRoleRetrieveKMSKeyInformation",
@@ -354 +388 @@ The following sample policy demonstrates how to provide the required permissions
-                    "AWS": "arn:aws:iam::{account-ID}:role/{role-name}"
+                "AWS": "arn:aws:iam::111122223333:role/{role-name}"