AWS opensearch-service documentation change
Summary
Removed JSON example of OpenSearch domain access policy
Security assessment
The removed policy demonstrated resource-based access controls but its deletion doesn't indicate a security fix. This appears to be example cleanup rather than addressing a vulnerability.
Diff
diff --git a/opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md b/opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md index 005e4c2d4..f5abd82e3 100644 --- a//opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md +++ b//opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md @@ -144,26 +143,0 @@ The following sample domain access policy allows the pipeline role, which you cr -JSON - - -**** - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "AWS": "arn:aws:iam::444455556666:role/pipeline-role" - }, - "Action": [ - "es:DescribeDomain", - "es:ESHttp*" - ], - "Resource": [ - "arn:aws:es:us-east-1:account-id:domain/domain-name" - ] - } - ] - } - -