AWS awsaccountbilling medium security documentation change
Summary
Updated example ARN from placeholder 111111111111 to 123456789012 and added Principal field in policy example
Security assessment
Adding Principal:* to IAM policy could introduce security risks if implemented without constraints. The change demonstrates proper ARN formatting which helps prevent misconfiguration-related security issues. The principal wildcard in the example policy (if intended as a real configuration) would be a security concern, warranting medium severity.
Diff
diff --git a/awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md b/awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md index be1a7b9d1..72e201cb0 100644 --- a//awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md +++ b//awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md @@ -632 +632 @@ JSON - "AWS": "arn:aws:iam::111111111111:BillingRole" + "AWS": "arn:aws:iam::123456789012:role/BillingRole" @@ -655 +655 @@ JSON - "AWS": "arn:aws:iam::111111111111:BillingRole" + "AWS": "arn:aws:iam::123456789012:role/BillingRole" @@ -676 +676,2 @@ JSON - "Resource": "*" + "Resource": "*", + "Principal": "*" @@ -985 +986 @@ JSON - }} + }