AWS appsync documentation change
Summary
Removed OpenSearch Service access policy examples and domain permissions
Security assessment
Deletion of security policy examples doesn't address specific vulnerabilities. Likely documentation cleanup.
Diff
diff --git a/appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md b/appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md index 6410481f1..158334e0c 100644 --- a//appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md +++ b//appsync/latest/devguide/tutorial-elasticsearch-resolvers-js.md @@ -31,28 +30,0 @@ After the OpenSearch Service domain is created, navigate to your AWS AppSync Gra -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "Stmt1234234", - "Effect": "Allow", - "Action": [ - "es:ESHttpDelete", - "es:ESHttpHead", - "es:ESHttpGet", - "es:ESHttpPost", - "es:ESHttpPut" - ], - "Resource": [ - "arn:aws:es:us-east-1:ACCOUNTNUMBER:domain/democluster/*" - ] - } - ] - } - - @@ -84,28 +55,0 @@ Additionally, the OpenSearch Service domain has its own **Access Policy** that y -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "AWS": "arn:aws:iam::111122223333:role/service-role/APPSYNC_DATASOURCE_ROLE" - }, - "Action": [ - "es:ESHttpDelete", - "es:ESHttpHead", - "es:ESHttpGet", - "es:ESHttpPost", - "es:ESHttpPut" - ], - "Resource": "arn:aws:es:us-east-1:ACCOUNTNUMBER:domain/DOMAIN_NAME/*" - } - ] - } - -