AWS Security ChangesHomeSearch

AWS directoryservice documentation change

Service: directoryservice · 2025-08-28 · Documentation low

File: directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md

Summary

Removed CloudWatch Logs resource policy example for log forwarding

Security assessment

Policy removal affects logging setup documentation but shows no evidence of addressing a security vulnerability. Log forwarding is security-relevant but change doesn't indicate a security fix.

Diff

diff --git a/directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md b/directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md
index 786f21ec9..ee387b698 100644
--- a//directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md
+++ b//directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md
@@ -85,25 +84,0 @@ Create a CloudWatch Logs resource policy granting AWS Directory Service rights t
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Principal": {
-                    "Service": "ds.amazonaws.com"
-                },
-                "Action": [
-                    "logs:CreateLogStream",
-                    "logs:PutLogEvents"
-                ],
-                "Resource": "arn:aws:logs:us-east-1: 111122223333:log-group:/aws/directoryservice/*"
-            }
-        ]
-    }
-    
-