AWS directoryservice documentation change
Summary
Removed CloudWatch Logs resource policy example for log forwarding
Security assessment
Policy removal affects logging setup documentation but shows no evidence of addressing a security vulnerability. Log forwarding is security-relevant but change doesn't indicate a security fix.
Diff
diff --git a/directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md b/directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md index 786f21ec9..ee387b698 100644 --- a//directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md +++ b//directoryservice/latest/admin-guide/ms_ad_enable_log_forwarding.md @@ -85,25 +84,0 @@ Create a CloudWatch Logs resource policy granting AWS Directory Service rights t -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": "ds.amazonaws.com" - }, - "Action": [ - "logs:CreateLogStream", - "logs:PutLogEvents" - ], - "Resource": "arn:aws:logs:us-east-1: 111122223333:log-group:/aws/directoryservice/*" - } - ] - } - -