AWS Security ChangesHomeSearch

AWS opensearch-service documentation change

Service: opensearch-service · 2025-08-28 · Documentation low

File: opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md

Summary

Removed JSON example of OpenSearch domain access policy

Security assessment

The removed policy demonstrated resource-based access controls but its deletion doesn't indicate a security fix. This appears to be example cleanup rather than addressing a vulnerability.

Diff

diff --git a/opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md b/opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md
index 005e4c2d4..f5abd82e3 100644
--- a//opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md
+++ b//opensearch-service/latest/developerguide/configure-client-self-managed-opensearch.md
@@ -144,26 +143,0 @@ The following sample domain access policy allows the pipeline role, which you cr
-JSON
-    
-
-****
-    
-    
-        {
-      "Version": "2012-10-17",
-      "Statement": [
-        {
-          "Effect": "Allow",
-          "Principal": {
-            "AWS": "arn:aws:iam::444455556666:role/pipeline-role"
-          },
-          "Action": [
-            "es:DescribeDomain",
-            "es:ESHttp*"
-          ],
-          "Resource": [
-            "arn:aws:es:us-east-1:account-id:domain/domain-name"
-          ]
-        }
-      ]
-    }
-    
-