AWS Security ChangesHomeSearch

AWS incident-manager documentation change

Service: incident-manager · 2025-08-25 · Documentation low

File: incident-manager/latest/userguide/runbooks.md

Summary

Added JSON formatting and specified concrete account ID in SSM ARNs

Security assessment

Provides clearer cross-account policy examples but doesn't fix security vulnerabilities. Improves documentation of secure cross-account patterns.

Diff

diff --git a/incident-manager/latest/userguide/runbooks.md b/incident-manager/latest/userguide/runbooks.md
index 208570cbd..ebdd8aebc 100644
--- a//incident-manager/latest/userguide/runbooks.md
+++ b//incident-manager/latest/userguide/runbooks.md
@@ -72,0 +73,6 @@ The second statement allows the Runbook service role to assume a role in another
+JSON
+    
+
+****
+    
+    
@@ -81,2 +87,2 @@ The second statement allows the Runbook service role to assume a role in another
-            "arn:aws:ssm:*:{{DocumentAccountId}}:automation-definition/{{DocumentName}}:*",
-            "arn:aws:ssm:*:{{DocumentAccountId}}:document/{{DocumentName}}:*",
+                    "arn:aws:ssm:*:111122223333:automation-definition/{{DocumentName}}:*",
+                    "arn:aws:ssm:*:111122223333:document/{{DocumentName}}:*",