AWS Security ChangesHomeSearch

AWS opensearch-service documentation change

Service: opensearch-service · 2025-08-28 · Documentation low

File: opensearch-service/latest/developerguide/ml-external-connector.md

Summary

Removed IAM policy example for passing roles and ESHttpPost permissions

Security assessment

The change removes an example policy but doesn't indicate any security issue. Focus appears to be on simplifying documentation.

Diff

diff --git a/opensearch-service/latest/developerguide/ml-external-connector.md b/opensearch-service/latest/developerguide/ml-external-connector.md
index 6653aeb8c..fbb332cd9 100644
--- a//opensearch-service/latest/developerguide/ml-external-connector.md
+++ b//opensearch-service/latest/developerguide/ml-external-connector.md
@@ -106,24 +105,0 @@ In order to create the connector, you need permission to pass the IAM role to Op
-JSON
-    
-
-****
-    
-    
-    
-    {
-      "Version": "2012-10-17",
-      "Statement": [
-        {
-          "Effect": "Allow",
-          "Action": "iam:PassRole",
-          "Resource": "arn:aws:iam:::role/opensearch-secretmanager-role"
-        },
-        {
-          "Effect": "Allow",
-          "Action": "es:ESHttpPost",
-          "Resource": "arn:aws:es:us-east-1::domain/domain-name/*"
-        }
-      ]
-    }
-    
-