AWS Security ChangesHomeSearch

AWS managedservices documentation change

Service: managedservices · 2025-08-13 · Documentation low

File: managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-read-write-permissions.md

Summary

Expanded JSON formatting for AssumeRolePolicyDocument and PolicyDocument examples without changing actual permissions logic

Security assessment

The change only improves JSON formatting/structure in documentation examples. No security-related content changes - the existing permissions (like allowing root account access in AssumeRolePolicyDocument and tag-based conditions) were already present. Formatting changes don't address vulnerabilities or add security guidance.

Diff

diff --git a/managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-read-write-permissions.md b/managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-read-write-permissions.md
index 7e070e88b..bfbfae572 100644
--- a//managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-read-write-permissions.md
+++ b//managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-read-write-permissions.md
@@ -98 +98,12 @@ _TEMPLATE CREATE_ :
-            "AssumeRolePolicyDocument": {"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":"arn:aws:iam::123456789012:root"},"Action":"sts:AssumeRole"}]},
+            "AssumeRolePolicyDocument": {
+              "Version": "2012-10-17",
+              "Statement": [
+                {
+                  "Effect": "Allow",
+                  "Principal": {
+                    "AWS": "arn:aws:iam::123456789012:root"
+                  },
+                  "Action": "sts:AssumeRole"
+                }
+              ]
+            },
@@ -116 +127,18 @@ _TEMPLATE CREATE_ :
-            "PolicyDocument": {"Version":"2012-10-17","Statement":[{"Sid":"AllQueueActions","Effect":"Allow","Action":"sqs:ListQueues","Resource":"*","Condition":{"ForAllValues:StringEquals":{"aws:tagKeys":["temporary"]}}}]}
+            "PolicyDocument": {
+              "Version": "2012-10-17",
+              "Statement": [
+                {
+                  "Sid": "AllQueueActions",
+                  "Effect": "Allow",
+                  "Action": "sqs:ListQueues",
+                  "Resource": "*",
+                  "Condition": {
+                    "ForAllValues:StringEquals": {
+                      "aws:tagKeys": [
+                        "temporary"
+                      ]
+                    }
+                  }
+                }
+              ]
+            }