AWS prescriptive-guidance documentation change
Summary
Updated trust anchor ARN format in role trust policy examples to use proper resource path syntax
Security assessment
The change corrects placeholder values to match valid AWS ARN formats but doesn't introduce new security controls or address vulnerabilities. This is a documentation improvement for accuracy rather than a security-related modification.
Diff
diff --git a/prescriptive-guidance/latest/certificate-based-access-controls/option-2.md b/prescriptive-guidance/latest/certificate-based-access-controls/option-2.md index 65c37fa60..a2b86d2db 100644 --- a//prescriptive-guidance/latest/certificate-based-access-controls/option-2.md +++ b//prescriptive-guidance/latest/certificate-based-access-controls/option-2.md @@ -36 +36 @@ The following sample trust policy for **Role 1** has a condition that allows rol - "trust-anchor-arn" + "arn:aws:rolesanywhere:<region>:<account-ID>:trust-anchor/<TA_ID>" @@ -67 +67 @@ The following sample trust policy for **Role 2** has a condition that allows rol - "trust-anchor-arn" + "arn:aws:rolesanywhere:<region>:<account-ID>:trust-anchor/<TA_ID>"