AWS apigateway documentation change
Summary
Removed a JSON policy example for WebSocket API access control with explicit allow/deny rules
Security assessment
While the policy included security controls, the removal does not indicate a security fix. Appears to be documentation streamlining without security implications.
Diff
diff --git a/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.md b/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.md index 19620748a..2d0092d81 100644 --- a//apigateway/latest/developerguide/apigateway-websocket-control-access-iam.md +++ b//apigateway/latest/developerguide/apigateway-websocket-control-access-iam.md @@ -28,41 +27,0 @@ For example, you could set up the following policy to the client. This example a -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "execute-api:Invoke" - ], - "Resource": [ - "arn:aws:execute-api:us-east-1:111122223333:api-id/prod/*" - ] - }, - { - "Effect": "Deny", - "Action": [ - "execute-api:Invoke" - ], - "Resource": [ - "arn:aws:execute-api:us-east-1:111122223333:api-id/prod/secret" - ] - }, - { - "Effect": "Deny", - "Action": [ - "execute-api:ManageConnections" - ], - "Resource": [ - "arn:aws:execute-api:us-east-1:111122223333:api-id/*" - ] - } - ] - } - -