AWS Security ChangesHomeSearch

AWS guardduty documentation change

Service: guardduty · 2025-08-13 · Documentation low

File: guardduty/latest/ug/security_iam_id-based-policy-examples.md

Summary

Added JSON section markers and fixed policy syntax (trailing commas)

Security assessment

Changes improve policy syntax validity and document structure but do not introduce new security controls or address vulnerabilities.

Diff

diff --git a/guardduty/latest/ug/security_iam_id-based-policy-examples.md b/guardduty/latest/ug/security_iam_id-based-policy-examples.md
index 0d8488983..34f601d55 100644
--- a//guardduty/latest/ug/security_iam_id-based-policy-examples.md
+++ b//guardduty/latest/ug/security_iam_id-based-policy-examples.md
@@ -108,0 +109,6 @@ To create a custom policy that grants an IAM role, user, or group read-only acce
+JSON
+    
+
+****
+    
+    
@@ -142,0 +150,6 @@ You can use the following policy to deny an IAM role, user, or group access to G
+JSON
+    
+
+****
+    
+    
@@ -248,0 +263,6 @@ The following examples show how to create policies using some of the preceding o
+JSON
+    
+
+****
+    
+    
@@ -255 +275 @@ The following examples show how to create policies using some of the preceding o
-                     "guardduty:UpdateDetector",
+                    "guardduty:UpdateDetector"
@@ -267,0 +289,6 @@ Make sure that the user has the permissions required to access trusted IP lists
+JSON
+    
+
+****
+    
+    
@@ -274 +301 @@ Make sure that the user has the permissions required to access trusted IP lists
-                     "guardduty:UpdateIPSet",
+                    "guardduty:UpdateIPSet"
@@ -287,0 +315,6 @@ Make sure that the user has the permissions required to access trusted IP lists
+JSON
+    
+
+****
+    
+    
@@ -294 +327 @@ Make sure that the user has the permissions required to access trusted IP lists
-                     "guardduty:UpdateIPSet",
+                    "guardduty:UpdateIPSet"
@@ -306,0 +341,6 @@ Make sure that the user has the permissions required to access trusted IP lists
+JSON
+    
+
+****
+    
+    
@@ -313 +353 @@ Make sure that the user has the permissions required to access trusted IP lists
-                     "guardduty:UpdateIPSet",
+                    "guardduty:UpdateIPSet"