AWS security-ir documentation change
Summary
Removed JSON policy example allowing users to view their own IAM permissions
Security assessment
The change removes a policy example but does not indicate a security vulnerability fix. While the policy relates to security permissions, the removal itself doesn't address a specific security issue.
Diff
diff --git a/security-ir/latest/userguide/allow-users-to-view-their-own-permissions.md b/security-ir/latest/userguide/allow-users-to-view-their-own-permissions.md index 17bd5269a..3da17b26d 100644 --- a//security-ir/latest/userguide/allow-users-to-view-their-own-permissions.md +++ b//security-ir/latest/userguide/allow-users-to-view-their-own-permissions.md @@ -9,43 +8,0 @@ This example shows how you might create a policy that allows IAM users to view t -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "ViewOwnUserInfo", - "Effect": "Allow", - "Action": [ - "iam:GetUserPolicy", - "iam:ListGroupsForUser", - "iam:ListAttachedUserPolicies", - "iam:ListUserPolicies", - "iam:GetUser" - ], - "Resource": [ - "arn:aws::*:user/${AWS:username}" - ] - }, - { - "Sid": "NavigateInConsole", - "Effect": "Allow", - "Action": [ - "iam:GetGroupPolicy", - "iam:GetPolicyVersion", - "iam:GetPolicy", - "iam:ListAttachedGroupPolicies", - "iam:ListGroupPolicies", - "iam:ListPolicyVersions", - "iam:ListPolicies", - "iam:ListUsers" - ], - "Resource": "*" - } - ] - } - -