AWS AWSCloudFormation documentation change
Summary
Removed JSON example of IAM role trust policy for StackSets
Security assessment
Removal of an example StackSets IAM policy doesn't indicate a security issue - this appears to be documentation cleanup rather than addressing vulnerabilities.
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.md b/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.md index b677e4bb8..1de3570c3 100644 --- a//AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.md +++ b//AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.md @@ -548,20 +547,0 @@ When using StackSets, define the global keys `aws:SourceAccount` and `aws:Source - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": "cloudformation.amazonaws.com" - }, - "Action": "sts:AssumeRole", - "Condition": { - "StringEquals": { - "aws:SourceAccount": "111122223333" - }, - "StringLike": { - "aws:SourceArn": "arn:aws:cloudformation:*:111122223333:stackset/*" - } - } - } - ] - }