AWS glue documentation change
Summary
Removed KMS key policy examples for data catalog and password encryption
Security assessment
Removal of example policies reduces documentation clarity but doesn't indicate a security fix. No evidence these examples were insecure or related to a vulnerability.
Diff
diff --git a/glue/latest/dg/set-up-encryption.md b/glue/latest/dg/set-up-encryption.md index 97fa4cbf1..75090e8fc 100644 --- a//glue/latest/dg/set-up-encryption.md +++ b//glue/latest/dg/set-up-encryption.md @@ -25,20 +24,0 @@ The following example workflow highlights the options to configure when you use -JSON - - -**** - - - { - "Version": "2012-10-17", - "Statement": { - "Effect": "Allow", - "Action": [ - "kms:GenerateDataKey", - "kms:Decrypt", - "kms:Encrypt" - ], - "Resource": "<key-arns-used-for-data-catalog>" - } - } - - @@ -47,18 +26,0 @@ JSON -JSON - - -**** - - - { - "Version": "2012-10-17", - "Statement": { - "Effect": "Allow", - "Action": [ - "kms:Decrypt" - ], - "Resource": "<key-arns-used-for-password-encryption>" - } - } - -