AWS Security ChangesHomeSearch

AWS AmazonCloudWatch medium security documentation change

Service: AmazonCloudWatch · 2025-08-28 · Security-related medium

File: AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.md

Summary

Removed an example resource policy with IP-based access controls

Security assessment

The deleted policy demonstrated IP restriction patterns for RUM data collection. Its removal likely addresses risks of exposing insecure example IP filtering logic that could be misconfigured to allow unintended access.

Diff

diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.md b/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.md
index f97bc00fa..da92bd708 100644
--- a//AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.md
+++ b//AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.md
@@ -47,31 +46,0 @@ You can modify the policy to block specified source IP addresses by using the `a
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Action": "rum:PutRumEvents",
-                "Resource": "arn:aws:rum:us-east-1:accountID:appmonitor/app monitor name",
-                "Principal": "*"
-            },
-            {
-                "Effect": "Deny",
-                "Action": "rum:PutRumEvents",
-                "Resource": "arn:aws:rum:us-east-1:123456789012:appmonitor/app monitor name",
-                "Principal": "*",
-                "Condition": {
-                    "NotIpAddress": {
-                        "aws:SourceIp": "************"
-                    }
-                }
-            }
-        ]
-    }
-    
-