AWS datasync medium security documentation change
Summary
Added manifest size limit note and corrected IAM policy version/ARN
Security assessment
The IAM policy version change from 2008-10-17 to 2012-10-17 fixes a security misconfiguration risk (older policies lack critical security features). This directly addresses a potential security weakness.
Diff
diff --git a/datasync/latest/userguide/transferring-with-manifest.md b/datasync/latest/userguide/transferring-with-manifest.md index 03a2b3603..460c8a0ab 100644 --- a//datasync/latest/userguide/transferring-with-manifest.md +++ b//datasync/latest/userguide/transferring-with-manifest.md @@ -12,0 +13,4 @@ Manifests are similar to [filters](./filtering.html) but let you identify exactl +###### Note + +The maximum allowable size for a manifest file with Enhanced mode tasks is 20 GB. + @@ -383 +387 @@ Once you've created the IAM role, you must add it to the S3 bucket policy in the - "Version": "2008-10-17", + "Version": "2012-10-17", @@ -389 +393 @@ Once you've created the IAM role, you must add it to the S3 bucket policy in the - "AWS": "arn:aws:iam::account-id:role/datasync-role" + "AWS": "arn:aws:iam::123456789012:role/datasync-role"