AWS security-ir documentation change
Summary
Fixed ARN format in IAM policy example (lowercase 'aws' and removed 'iam' service reference) and added JSON formatting markers.
Security assessment
Corrects a typo in the ARN format but introduces an invalid service reference (missing 'iam'). While this could lead to policy misconfiguration, there is no evidence of a direct security vulnerability being patched.
Diff
diff --git a/security-ir/latest/userguide/allow-users-to-view-their-own-permissions.md b/security-ir/latest/userguide/allow-users-to-view-their-own-permissions.md index 5bc2859d0..17bd5269a 100644 --- a//security-ir/latest/userguide/allow-users-to-view-their-own-permissions.md +++ b//security-ir/latest/userguide/allow-users-to-view-their-own-permissions.md @@ -8,0 +9,6 @@ This example shows how you might create a policy that allows IAM users to view t +JSON + + +**** + + @@ -23 +29,3 @@ This example shows how you might create a policy that allows IAM users to view t - "Resource": ["arn:AWS:iam::*:user/${AWS:username}"] + "Resource": [ + "arn:aws::*:user/${AWS:username}" + ]