AWS Security ChangesHomeSearch

AWS rolesanywhere documentation change

Service: rolesanywhere · 2025-08-28 · Documentation low

File: rolesanywhere/latest/userguide/getting-started.md

Summary

Removed a JSON trust policy example for IAM Roles Anywhere with source ARN conditions.

Security assessment

The policy removal does not demonstrate a security fix. The example included security best practices (ArnEquals condition), but its deletion lacks explicit security context.

Diff

diff --git a/rolesanywhere/latest/userguide/getting-started.md b/rolesanywhere/latest/userguide/getting-started.md
index 145c072ac..b96a8a356 100644
--- a//rolesanywhere/latest/userguide/getting-started.md
+++ b//rolesanywhere/latest/userguide/getting-started.md
@@ -82,33 +81,0 @@ Before you can create an IAM Roles Anywhere profile, you need at least one IAM r
-JSON
-    
-
-****
-    
-    
-        {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Principal": {
-                    "Service": [
-                        "rolesanywhere.amazonaws.com"
-                    ]
-                },
-                "Action": [
-                  "sts:AssumeRole",
-                  "sts:TagSession",
-                  "sts:SetSourceIdentity"
-                ],
-                "Condition": {
-                  "ArnEquals": {
-                    "aws:SourceArn": [
-                      "arn:aws:rolesanywhere:us-east-1:account:trust-anchor/TA_ID"
-                    ]
-                  }
-                }
-            }
-        ]
-    }
-    
-