AWS Security ChangesHomeSearch

AWS healthlake documentation change

Service: healthlake · 2025-08-28 · Documentation low

File: healthlake/latest/devguide/reference-smart-on-fhir-token-validation.md

Summary

Removed JSON examples for SecretsManager permissions and service role trust policy

Security assessment

Example removal does not alter security requirements. No security vulnerabilities mentioned in changes.

Diff

diff --git a/healthlake/latest/devguide/reference-smart-on-fhir-token-validation.md b/healthlake/latest/devguide/reference-smart-on-fhir-token-validation.md
index d857f7fd7..6e079b012 100644
--- a//healthlake/latest/devguide/reference-smart-on-fhir-token-validation.md
+++ b//healthlake/latest/devguide/reference-smart-on-fhir-token-validation.md
@@ -207,19 +206,0 @@ Adding the IAM action `GetSecretValue` to execution role grants the necessary pe
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Action": "secretsmanager:GetSecretValue",
-                "Resource": "arn:aws:secretsmanager:"your-aws-account-id:secret:secret-name-DKodTA"
-            }
-        ]
-    }
-    
-
@@ -292,28 +272,0 @@ Use this procedure to create a service role. When you create a service you will
-JSON
-    
-
-****
-    
-    
-        {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Action": "sts:AssumeRole",
-                "Principal": {
-                    "Service": "healthlake.amazonaws.com"
-                },
-                "Condition": {
-                    "StringEquals": {
-                        "aws:SourceAccount": "your-account-id"
-                    },
-                    "ArnEquals": {
-                        "aws:SourceArn": "arn:aws:healthlake:us-east-1:your-account-id:datastore/fhir/your-datastore-id"
-                    }
-                }
-            }
-        ]
-    }
-    
-