AWS cost-management documentation change
Summary
Removed JSON policy example for KMS key permissions related to AWS Budgets
Security assessment
Removal of a policy example could impact documentation completeness but doesn't indicate a security fix. No evidence of vulnerability being addressed.
Diff
diff --git a/cost-management/latest/userguide/budgets-sns-policy.md b/cost-management/latest/userguide/budgets-sns-policy.md index 9a3a6504e..425923b42 100644 --- a//cost-management/latest/userguide/budgets-sns-policy.md +++ b//cost-management/latest/userguide/budgets-sns-policy.md @@ -138,32 +137,0 @@ You must ensure that the key policies of the KMS keys allow the necessary permis -JSON - - -**** - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": "budgets.amazonaws.com" - }, - "Action": [ - "kms:GenerateDataKey*", - "kms:Decrypt" - ], - "Resource": "*", - "Condition": { - "StringEquals": { - "aws:SourceAccount": "<account-id>" - }, - "ArnLike": { - "aws:SourceArn": "arn:aws:budgets::<account-id>:*" - } - } - } - ] - } - -