AWS Security ChangesHomeSearch

AWS step-functions documentation change

Service: step-functions · 2025-08-28 · Documentation low

File: step-functions/latest/dg/getting-started.md

Summary

Added a detailed IAM policy JSON example for DetectSentiment permissions

Security assessment

The added IAM policy example demonstrates proper permissions configuration for AWS Comprehend, which is a security best practice. However, it does not address a specific security issue.

Diff

diff --git a/step-functions/latest/dg/getting-started.md b/step-functions/latest/dg/getting-started.md
index b01da6f99..8c79a68a9 100644
--- a//step-functions/latest/dg/getting-started.md
+++ b//step-functions/latest/dg/getting-started.md
@@ -452 +452,16 @@ Before you can run the workflow, you need to create a **role** and **policy** to
-  5. For **Policy name** enter `DetectSentimentPolicy`, then **Create policy**.
+  5. For **Policy name** enter `DetectSentimentPolicy`, then **Create policy**. You should have created a policy as JSON, similar to the following: TIM
+    
+        {
+        "Version": "2012-10-17",
+        "Statement": [
+            {
+                "Action": [
+                    "comprehend:DetectSentiment"
+                ],
+                "Resource": [
+                    "*"
+                ],
+                "Effect": "Allow"
+            }
+        ]
+    }