AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2025-08-13 · Documentation low

File: prescriptive-guidance/latest/presigned-url-best-practices/overview.md

Summary

Clarified policy types affecting presigned URLs by specifying 'identity-based policies' and adding 'resource control policies' to authorization factors

Security assessment

The change enhances documentation about authorization controls for presigned URLs but doesn't address a specific vulnerability. It provides clearer guidance about IAM policy types without indicating a security incident.

Diff

diff --git a/prescriptive-guidance/latest/presigned-url-best-practices/overview.md b/prescriptive-guidance/latest/presigned-url-best-practices/overview.md
index b6fe54bdc..f9817b02e 100644
--- a//prescriptive-guidance/latest/presigned-url-best-practices/overview.md
+++ b//prescriptive-guidance/latest/presigned-url-best-practices/overview.md
@@ -34 +34 @@ A presigned request can only allow actions that are allowed by the credentials t
-  * Policies that are associated with the principal who is associated with the credentials
+  * Identity-based policies that are associated with the principal who is associated with the credentials
@@ -39,0 +40,2 @@ A presigned request can only allow actions that are allowed by the credentials t
+  * Resource control policies that affect the session or principal
+