AWS Security ChangesHomeSearch

AWS network-firewall documentation change

Service: network-firewall · 2025-08-13 · Documentation medium

File: network-firewall/latest/developerguide/logging-s3.md

Summary

Added JSON formatting markers and corrected S3 permissions (ListAllMyBuckets)

Security assessment

Fixed S3 action name to ListAllMyBuckets for accuracy. Improves security documentation but not a vulnerability fix.

Diff

diff --git a/network-firewall/latest/developerguide/logging-s3.md b/network-firewall/latest/developerguide/logging-s3.md
index df9ad3f93..10cfbba9a 100644
--- a//network-firewall/latest/developerguide/logging-s3.md
+++ b//network-firewall/latest/developerguide/logging-s3.md
@@ -75,0 +76,6 @@ You must have the following permissions settings to configure your firewall to s
+JSON
+    
+
+****
+    
+    
@@ -98 +104 @@ You must have the following permissions settings to configure your firewall to s
-                    "s3:GetBucketPolicy",
+                    "s3:GetBucketPolicy"
@@ -101 +107 @@ You must have the following permissions settings to configure your firewall to s
-                    Amazon S3 bucket ARN"
+                    "arn:aws:s3:::bucket-name"
@@ -111,0 +119,6 @@ If the user creating the log owns the bucket, the service automatically attaches
+JSON
+    
+
+****
+    
+    
@@ -137,0 +152,6 @@ For example, the following bucket policy allows AWS accounts `111122223333` and
+JSON
+    
+
+****
+    
+    
@@ -214,0 +236,6 @@ The following view shows both standard Amazon S3 permissions and the additional
+JSON
+    
+
+****
+    
+    
@@ -240 +267 @@ The following view shows both standard Amazon S3 permissions and the additional
-                    "s3:ListBuckets",
+                    "s3:ListAllMyBuckets",