AWS AmazonS3 documentation change
Summary
Added JSON example of a Multi-Region Access Point policy granting object access
Security assessment
The change provides a sample resource policy for access control purposes but does not indicate remediation of a security vulnerability.
Diff
diff --git a/AmazonS3/latest/userguide/MultiRegionAccessPointPermissions.md b/AmazonS3/latest/userguide/MultiRegionAccessPointPermissions.md index 296ed7966..764460edf 100644 --- a//AmazonS3/latest/userguide/MultiRegionAccessPointPermissions.md +++ b//AmazonS3/latest/userguide/MultiRegionAccessPointPermissions.md @@ -227,0 +228,28 @@ The following Multi-Region Access Point policy allows account ``123456789012`` p +JSON + + +**** + + + + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::111122223333:user/JohnDoe" + }, + "Action": [ + "s3:ListBucket", + "s3:GetObject" + ], + "Resource": [ + "arn:aws:s3::111122223333:accesspoint/MultiRegionAccessPoint_alias", + "arn:aws:s3::111122223333:accesspoint/MultiRegionAccessPoint_alias/object/*" + ] + } + ] + } + +