AWS IAM documentation change
Summary
Removed JSON policy example combining MFA and time-based conditions
Security assessment
Removal of MFA-related example reduces visibility of security best practices but doesn't indicate a security vulnerability.
Diff
diff --git a/IAM/latest/UserGuide/reference_policies_examples_aws_mfa-dates.md b/IAM/latest/UserGuide/reference_policies_examples_aws_mfa-dates.md index 37abf912b..5d6ae9b71 100644 --- a//IAM/latest/UserGuide/reference_policies_examples_aws_mfa-dates.md +++ b//IAM/latest/UserGuide/reference_policies_examples_aws_mfa-dates.md @@ -11,26 +10,0 @@ To learn about using multiple conditions within the `Condition` block of an IAM -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": { - "Effect": "Allow", - "Action": [ - "service-prefix-1:*", - "service-prefix-2:action-name-a", - "service-prefix-2:action-name-b" - ], - "Resource": "*", - "Condition": { - "Bool": {"aws:MultiFactorAuthPresent": true}, - "DateGreaterThan": {"aws:CurrentTime": "2017-07-01T00:00:00Z"}, - "DateLessThan": {"aws:CurrentTime": "2017-12-31T23:59:59Z"} - } - } - } - -