AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-08-28 · Documentation low

File: cognito/latest/developerguide/cognito-user-pools-working-with-lambda-triggers.md

Summary

Removed an example Lambda resource-based policy JSON configuration

Security assessment

The removal of a policy example does not directly indicate a security issue but may reduce clarity for users configuring permissions. No explicit security vulnerability is addressed.

Diff

diff --git a/cognito/latest/developerguide/cognito-user-pools-working-with-lambda-triggers.md b/cognito/latest/developerguide/cognito-user-pools-working-with-lambda-triggers.md
index c4ada8790..c812b0e86 100644
--- a//cognito/latest/developerguide/cognito-user-pools-working-with-lambda-triggers.md
+++ b//cognito/latest/developerguide/cognito-user-pools-working-with-lambda-triggers.md
@@ -99,31 +98,0 @@ The following example Lambda resource-based policy grants Amazon Cognito a limit
-JSON
-    
-
-****
-    
-    
-        {
-        "Version": "2012-10-17",
-        "Id": "default",
-        "Statement": [
-            {
-                "Sid": "lambda-allow-cognito",
-                "Effect": "Allow",
-                "Principal": {
-                    "Service": "cognito-idp.amazonaws.com"
-                },
-                "Action": "lambda:InvokeFunction",
-                "Resource": "<your Lambda function ARN>",
-                "Condition": {
-                    "StringEquals": {
-                        "AWS:SourceAccount": "<your account number>"
-                    },
-                    "ArnLike": {
-                        "AWS:SourceArn": "<your user pool ARN>"
-                    }
-                }
-            }
-        ]
-    }
-    
-