AWS apigateway documentation change
Summary
Removed two JSON policy examples for API Gateway access control and VPC endpoint restrictions
Security assessment
While the removed policies contained security-related configurations, their removal does not indicate a security vulnerability fix. This appears to be documentation simplification without explicit security context.
Diff
diff --git a/apigateway/latest/developerguide/apigateway-private-custom-domains-provider-share-cli.md b/apigateway/latest/developerguide/apigateway-private-custom-domains-provider-share-cli.md index ac8d6e28c..9d861a8f9 100644 --- a//apigateway/latest/developerguide/apigateway-private-custom-domains-provider-share-cli.md +++ b//apigateway/latest/developerguide/apigateway-private-custom-domains-provider-share-cli.md @@ -105,25 +104,0 @@ The following example policy is for the `managementPolicy` for the Amazon API Ga -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "AWS": [ - "111122223333", - "444455556666" - ] - }, - "Action": "apigateway:CreateAccessAssociation", - "Resource": "arn:aws:apigateway:us-west-2:111122223333:/domainnames/private.example.com+a1b2c3" - } - ] - } - - @@ -132,34 +106,0 @@ The following example policy is the policy for the `policy` for the `execute-api -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": "*", - "Action": "execute-api:Invoke", - "Resource": "arn:aws:execute-api:us-west-2:111122223333:/domainnames/private.example.com+abcd1234" - }, - { - "Effect": "Deny", - "Principal": "*", - "Action": "execute-api:Invoke", - "Resource": "arn:aws:execute-api:us-west-2:111122223333:/domainnames/private.example.com+abcd1234", - "Condition": { - "StringNotEquals": { - "aws:SourceVpce": [ - "vpce-abcd1234", - "vpce-xyzz0000" - ] - } - } - } - ] - } - -