AWS quicksight documentation change
Summary
Removed Cognito unauthenticated user role policy example
Security assessment
Policy example removal reduces documentation for web identity federation setup but doesn't address a specific security issue.
Diff
diff --git a/quicksight/latest/user/troubleshoot-webidentity-federation.md b/quicksight/latest/user/troubleshoot-webidentity-federation.md index a040f3321..8436afd68 100644 --- a//quicksight/latest/user/troubleshoot-webidentity-federation.md +++ b//quicksight/latest/user/troubleshoot-webidentity-federation.md @@ -37,30 +36,0 @@ Amazon Cognito IAM Identity Center is set up for unauthenticated users in the Am -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Federated": "cognito-identity.amazonaws.com" - }, - "Action": "sts:AssumeRoleWithWebIdentity", - "Resource": "*", - "Condition": { - "StringEquals": { - "cognito-identity.amazonaws.com:aud": "us-west-2:cognito-pool-id" - }, - "ForAnyValue:StringLike": { - "cognito-identity.amazonaws.com:amr": "unauthenticated" - } - } - } - ] - } - -