AWS Security ChangesHomeSearch

AWS quicksight documentation change

Service: quicksight · 2025-08-28 · Documentation low

File: quicksight/latest/user/jit-email-syncing.md

Summary

Removed JSON policy example for SAML-based JIT provisioning with Okta

Security assessment

Policy removal eliminates an example of secure role assumption and tagging configuration, but no evidence of addressing a vulnerability. Security documentation reduced rather than added.

Diff

diff --git a/quicksight/latest/user/jit-email-syncing.md b/quicksight/latest/user/jit-email-syncing.md
index 87365815e..8e3fe84e8 100644
--- a//quicksight/latest/user/jit-email-syncing.md
+++ b//quicksight/latest/user/jit-email-syncing.md
@@ -37,40 +36,0 @@ The following example illustrates an updated IAM role where the IdP is Okta. To
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Principal": {
-                    "Federated": "arn:aws:iam::111122223333:saml-provider/Okta"
-                },
-                "Action": "sts:AssumeRoleWithSAML",
-                "Resource": "*",
-                "Condition": {
-                    "StringEquals": {
-                        "SAML:aud": "https://signin.aws.amazon.com/saml"
-                    }
-                }
-            },
-            {
-                "Effect": "Allow",
-                "Principal": {
-                    "Federated": "arn:aws:iam::111122223333:saml-provider/Okta"
-                },
-                "Action": "sts:TagSession",
-                "Resource": "*",
-                "Condition": {
-                    "StringLike": {
-                        "aws:RequestTag/Email": "*"
-                    }
-                }
-            }
-        ]
-    }
-    
-