AWS cur documentation change
Summary
Removed default S3 bucket policy example for data exports
Security assessment
Policy removal might affect reference documentation but doesn't demonstrate a security fix. The policy shown was a standard resource policy without explicit security issues mentioned.
Diff
diff --git a/cur/latest/userguide/dataexports-s3-bucket.md b/cur/latest/userguide/dataexports-s3-bucket.md index 9601e0109..3169c1ba5 100644 --- a//cur/latest/userguide/dataexports-s3-bucket.md +++ b//cur/latest/userguide/dataexports-s3-bucket.md @@ -15,41 +14,0 @@ The following policy is applied to every S3 bucket when creating a data export: -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "EnableAWSDataExportsToWriteToS3AndCheckPolicy", - "Effect": "Allow", - "Principal": { - "Service": [ - "billingreports.amazonaws.com", - "bcm-data-exports.amazonaws.com" - ] - }, - "Action": [ - "s3:PutObject", - "s3:GetBucketPolicy" - ], - "Resource": [ - "arn:aws:s3:::${bucket_name}/*", - "arn:aws:s3:::${bucket_name}" - ], - "Condition": { - "StringLike": { - "aws:SourceAccount": "${accountId}", - "aws:SourceArn": [ - "arn:aws:cur:us-east-1:${accountId}:definition/*", - "arn:aws:bcm-data-exports:us-east-1:${accountId}:export/*" - ] - } - } - } - ] - } - -