AWS opsworks documentation change
Summary
Removed JSON example of IAM policy with resource tagging conditions
Security assessment
The change removes an example policy but does not indicate any security vulnerability being addressed. This appears to be documentation simplification.
Diff
diff --git a/opsworks/latest/userguide/security_iam_id-based-policy-examples.md b/opsworks/latest/userguide/security_iam_id-based-policy-examples.md index 7016bfadb..d8072ffe2 100644 --- a//opsworks/latest/userguide/security_iam_id-based-policy-examples.md +++ b//opsworks/latest/userguide/security_iam_id-based-policy-examples.md @@ -96,31 +95,0 @@ You can use conditions in your identity-based policy to control access to OpsWor -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "ListServersInConsole", - "Effect": "Allow", - "Action": "opsworks-cm:DescribeServers", - "Resource": "*" - }, - { - "Sid": "ViewServerIfOwner", - "Effect": "Allow", - "Action": "opsworks-cm:DescribeServers", - "Resource": "arn:aws:opsworks-cm:us-east-1:master-account-ID:server/server-name", - "Condition": { - "StringEquals": { - "opsworks-cm:ResourceTag/Owner": "${aws:username}" - } - } - } - ] - } - -