AWS Security ChangesHomeSearch

AWS opsworks documentation change

Service: opsworks · 2025-08-28 · Documentation medium

File: opsworks/latest/userguide/opsworks-security-appsrole.md

Summary

Removed JSON examples of IAM policies granting S3 and OpsWorks permissions

Security assessment

The change removes example IAM policies but does not address a specific security vulnerability. This appears to be documentation cleanup rather than a security fix.

Diff

diff --git a/opsworks/latest/userguide/opsworks-security-appsrole.md b/opsworks/latest/userguide/opsworks-security-appsrole.md
index 57a9085fd..059468cd8 100644
--- a//opsworks/latest/userguide/opsworks-security-appsrole.md
+++ b//opsworks/latest/userguide/opsworks-security-appsrole.md
@@ -95,18 +94,0 @@ When you create your instance profile, you can attach an appropriate policy to t
-JSON
-    
-
-****
-    
-    
-    
-    {
-      "Version": "2012-10-17",
-      "Statement": [ {
-        "Effect": "Allow",
-        "Action": "s3:*",
-        "Resource": "arn:aws:s3:region::amzn-s3-demo-bucket/*"
-        }
-      ] 
-    }
-    
-
@@ -119,29 +100,0 @@ The following is an example of an IAM policy that allows you to call any OpsWork
-JSON
-    
-
-****
-    
-    
-    
-    {
-      "Version": "2012-10-17",
-      "Statement": [
-        {
-          "Effect": "Allow",
-          "Action": [
-            "ec2:*",
-            "s3:*",
-            "opsworks:*",
-            "iam:PassRole"
-          ],
-          "Resource": "arn:aws:ec2:region:account_id:instance/*",
-          "Condition": {
-            "StringEquals": {
-              "iam:PassedToService": "opsworks.amazonaws.com"
-            }
-          }
-        }
-      ]
-    }
-    
-