AWS Security ChangesHomeSearch

AWS quicksight documentation change

Service: quicksight · 2025-08-28 · Documentation low

File: quicksight/latest/user/embedded-analytics-dashboards-for-everyone.md

Summary

Removed JSON policy example for GenerateEmbedUrlForAnonymousUser with AllowedEmbeddingDomains condition

Security assessment

The removed policy demonstrated domain restriction via AllowedEmbeddingDomains, but its deletion does not indicate a security fix. This reduces documentation clarity for a security control but isn't evidence of addressing a vulnerability.

Diff

diff --git a/quicksight/latest/user/embedded-analytics-dashboards-for-everyone.md b/quicksight/latest/user/embedded-analytics-dashboards-for-everyone.md
index 7853b6e1c..d2dcb2dd2 100644
--- a//quicksight/latest/user/embedded-analytics-dashboards-for-everyone.md
+++ b//quicksight/latest/user/embedded-analytics-dashboards-for-everyone.md
@@ -52,33 +51,0 @@ The following sample policy provides these permissions for use with `GenerateEmb
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Action": [
-                    "quicksight:GenerateEmbedUrlForAnonymousUser"
-                ],
-                "Resource": [
-                    "arn:aws:quicksight:{{region}}:{{accountId}}:namespace/{{namespace}}",
-                    "arn:aws:quicksight:{{region}}:{{accountId}}:dashboard/{{dashboardId-1}}",
-                    "arn:aws:quicksight:{{region}}:{{accountId}}:dashboard/{{dashboardId-2}}"
-                ],
-                "Condition": {
-                    "ForAllValues:StringEquals": {
-                        "quicksight:AllowedEmbeddingDomains": [
-                            "https://my.static.domain1.com",
-                            "https://*.my.static.domain2.com"
-                        ]
-                    }
-                }
-            }
-        ]
-    }
-    
-