AWS quicksight documentation change
Summary
Removed JSON policy example granting Secrets Manager access
Security assessment
Eliminated example of least-privilege secret retrieval policy, but no indication of security vulnerability being addressed. Reduces security documentation clarity.
Diff
diff --git a/quicksight/latest/user/secrets-manager-integration-select-secrets.md b/quicksight/latest/user/secrets-manager-integration-select-secrets.md index b359b62cd..7072138ba 100644 --- a//quicksight/latest/user/secrets-manager-integration-select-secrets.md +++ b//quicksight/latest/user/secrets-manager-integration-select-secrets.md @@ -33,22 +32,0 @@ QuickSight creates an IAM role called `aws-quicksight-secretsmanager-role-v0` in -JSON - - -**** - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "secretsmanager:GetSecretValue" - ], - "Resource": [ - "arn:aws:secretsmanager:region:accountId:secret:secret_name" - ] - } - ] - } - -