AWS systems-manager documentation change
Summary
Removed JSON policy example for S3 bucket permissions
Security assessment
Removes an example S3 bucket policy but doesn't indicate any security flaws in the previous example. Likely documentation simplification.
Diff
diff --git a/systems-manager/latest/userguide/systems-manager-just-in-time-node-access-rdp-recording.md b/systems-manager/latest/userguide/systems-manager-just-in-time-node-access-rdp-recording.md index 6d99e336f..25451d5bb 100644 --- a//systems-manager/latest/userguide/systems-manager-just-in-time-node-access-rdp-recording.md +++ b//systems-manager/latest/userguide/systems-manager-just-in-time-node-access-rdp-recording.md @@ -101,33 +100,0 @@ To store your connection recordings, you must first create an S3 bucket and add -JSON - - -**** - - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "ConnectionRecording", - "Effect": "Allow", - "Principal": { - "Service": [ - "ssm-guiconnect.amazonaws.com" - ] - }, - "Action": "s3:PutObject", - "Resource": [ - "arn:aws:s3:::", - "arn:aws:s3:::/*" - ], - "Condition":{ - "StringEquals":{ - "aws:SourceAccount":"111122223333" - } - } - } - ] - } - -