AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-08-28 · Documentation low

File: AmazonS3/latest/userguide/s3-tables-kms-permissions.md

Summary

Removed KMS key policy example for SSE-KMS encrypted tables maintenance access

Security assessment

Deletion of KMS policy template removes encryption configuration guidance but doesn't address a specific security vulnerability. Impacts documentation completeness rather than security posture.

Diff

diff --git a/AmazonS3/latest/userguide/s3-tables-kms-permissions.md b/AmazonS3/latest/userguide/s3-tables-kms-permissions.md
index 30343e078..31d02b986 100644
--- a//AmazonS3/latest/userguide/s3-tables-kms-permissions.md
+++ b//AmazonS3/latest/userguide/s3-tables-kms-permissions.md
@@ -68,31 +67,0 @@ To grant maintenance access on SSE-KMS encrypted tables, you can use the followi
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Sid": "EnableKeyUsage",
-                "Effect": "Allow",
-                "Principal": {
-                    "Service": "maintenance.s3tables.amazonaws.com"            
-                },
-                "Action": [
-                    "kms:GenerateDataKey",
-                    "kms:Decrypt"
-                ],
-                "Resource": "arn:aws:kms:aws-region:111122223333:key/key-id",
-                "Condition": {
-                    "StringLike": {
-                        "kms:EncryptionContext:aws:s3:arn":"<table-or-table-bucket-arn>/*"
-                    }
-                }
-            }
-        ]
-    }
-    
-