AWS managedservices documentation change
Summary
Improved JSON formatting for TrustPolicy and RolePermissions examples without altering permission definitions
Security assessment
Changes consist solely of JSON structure formatting improvements. The security-relevant aspects (like CodeBuild service principal in TrustPolicy and EC2 DescribeInstanceStatus permissions) remain unchanged from previous version. No evidence of security vulnerability fixes or new security guidance added.
Diff
diff --git a/managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-review-required.md b/managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-review-required.md index 6e129f646..7570eec9f 100644 --- a//managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-review-required.md +++ b//managedservices/latest/ctref/deployment-advanced-identity-and-access-management-iam-create-entity-or-policy-review-required.md @@ -96,2 +96,24 @@ _TEMPLATE CREATE_ : - "TrustPolicy": {"Version":"2008-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"codebuild.amazonaws.com"},"Action":"sts:AssumeRole"}]}, - "RolePermissions": {"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["ec2:DescribeInstanceStatus"],"Resource":"*"}]} + "TrustPolicy": { + "Version": "2008-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "codebuild.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + }, + "RolePermissions": { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeInstanceStatus" + ], + "Resource": "*" + } + ] + }