AWS Security ChangesHomeSearch

AWS devicefarm documentation change

Service: devicefarm · 2025-08-28 · Documentation low

File: devicefarm/latest/developerguide/security_iam_id-based-policy-examples.md

Summary

Removed multiple JSON IAM policy examples related to TestGrid project access, CI runner permissions, and conditional access controls

Security assessment

Policy examples were removed but no evidence of addressing a specific vulnerability. Changes appear to be cleanup of documentation examples rather than security fixes.

Diff

diff --git a/devicefarm/latest/developerguide/security_iam_id-based-policy-examples.md b/devicefarm/latest/developerguide/security_iam_id-based-policy-examples.md
index 01b12c172..9b779bbc8 100644
--- a//devicefarm/latest/developerguide/security_iam_id-based-policy-examples.md
+++ b//devicefarm/latest/developerguide/security_iam_id-based-policy-examples.md
@@ -89,32 +88,0 @@ In addition to the `devicefarm:GetTestGridProject` endpoint, the account must ha
-JSON
-    
-
-****
-    
-    
-    
-    {
-       "Version":"2012-10-17",
-       "Statement":[
-          {
-             "Sid":"GetTestGridProject",
-             "Effect":"Allow",
-             "Action":[
-                "devicefarm:GetTestGridProject"
-             ],
-             "Resource":"arn:aws:devicefarm:us-west-2:111122223333:testgrid-project:"
-          },
-          {
-             "Sid":"ViewProjectInfo",
-             "Effect":"Allow",
-             "Action":[
-                "devicefarm:ListTestGridSessions",
-                "devicefarm:ListTestGridSessionActions",
-                "devicefarm:ListTestGridSessionArtifacts"
-             ],
-             "Resource":"arn:aws:devicefarm:us-west-2:111122223333:testgrid-*:/*"
-          }
-       ]
-    }
-    
-
@@ -123,26 +90,0 @@ If you are using CI systems, you should give each CI runner unique access creden
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "$id": "scheduleTestRuns",
-                "effect": "Allow",
-                "Action": [
-                    "devicefarm:CreateUpload",
-                    "devicefarm:ScheduleRun"
-                ],
-                "Resource": [
-                    "arn:aws:devicefarm:us-west-2:111122223333:project:",
-                    "arn:aws:devicefarm:us-west-2:111122223333:*:/*"
-                ]
-            }
-        ]
-    }
-    
-
@@ -153,32 +94,0 @@ You can use conditions in your identity-based policy to control access to Device
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Sid": "ListTestGridProjectSessions",
-                "Effect": "Allow",
-                "Action": [
-                    ":ListTestGridSession*",
-                    ":GetTestGridSession",
-                    ":ListTestGridProjects"
-                ],
-                "Resource": [
-                    "arn:aws::us-west-2:testgrid-project:*/*",
-                    "arn:aws::us-west-2:testgrid-session:*/*"
-                ],
-                "Condition": {
-                    "StringEquals": {
-                        "aws:TagKey/Owner": "${aws:username}"
-                    }
-                }
-            }
-        ]
-    }
-    
-