AWS Security ChangesHomeSearch

AWS awsaccountbilling medium security documentation change

Service: awsaccountbilling · 2025-08-22 · Security-related medium

File: awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md

Summary

Updated example ARN from placeholder 111111111111 to 123456789012 and added Principal field in policy example

Security assessment

Adding Principal:* to IAM policy could introduce security risks if implemented without constraints. The change demonstrates proper ARN formatting which helps prevent misconfiguration-related security issues. The principal wildcard in the example policy (if intended as a real configuration) would be a security concern, warranting medium severity.

Diff

diff --git a/awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md b/awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md
index be1a7b9d1..72e201cb0 100644
--- a//awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md
+++ b//awsaccountbilling/latest/aboutv2/migrate-iam-permissions.md
@@ -632 +632 @@ JSON
-                    "AWS": "arn:aws:iam::111111111111:BillingRole"
+                    "AWS": "arn:aws:iam::123456789012:role/BillingRole"
@@ -655 +655 @@ JSON
-                    "AWS": "arn:aws:iam::111111111111:BillingRole"
+                    "AWS": "arn:aws:iam::123456789012:role/BillingRole"
@@ -676 +676,2 @@ JSON
-                "Resource": "*"
+                "Resource": "*", 
+                "Principal": "*"
@@ -985 +986 @@ JSON
-    }}
+    }