AWS appsync documentation change
Summary
Removed JSON examples of IAM policies with conditional access controls
Security assessment
Policy example removal doesn't address specific security flaws. Appears to be documentation reorganization rather than security update.
Diff
diff --git a/appsync/latest/devguide/security_iam_id-based-policy-examples.md b/appsync/latest/devguide/security_iam_id-based-policy-examples.md index 1317cd89e..ea1a72aab 100644 --- a//appsync/latest/devguide/security_iam_id-based-policy-examples.md +++ b//appsync/latest/devguide/security_iam_id-based-policy-examples.md @@ -133,29 +132,0 @@ You can use conditions in your identity-based policy to control access to AWS Ap -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "ListWidgetsInConsole", - "Effect": "Allow", - "Action": "appsync:ListWidgets", - "Resource": "*" - }, - { - "Sid": "ViewWidgetIfOwner", - "Effect": "Allow", - "Action": "appsync:GetWidget", - "Resource": "arn:aws:appsync:*:*:widget/*", - "Condition": { - "StringEquals": {"aws:ResourceTag/Owner": "${aws:username}"} - } - } - ] - } - -