AWS Security ChangesHomeSearch

AWS iot-sitewise documentation change

Service: iot-sitewise · 2025-09-28 · Documentation low

File: iot-sitewise/latest/userguide/security-iam-awsmanpol.md

Summary

Updated AWSIoTSiteWiseReadOnlyAccess policy description to include ExecuteQuery permission and added changelog entry

Security assessment

Expands documentation of security controls (IAM policies) but does not address a specific security vulnerability. The change reflects added functionality rather than patching a security issue.

Diff

diff --git a/iot-sitewise/latest/userguide/security-iam-awsmanpol.md b/iot-sitewise/latest/userguide/security-iam-awsmanpol.md
index d115a1668..2927d8295 100644
--- a//iot-sitewise/latest/userguide/security-iam-awsmanpol.md
+++ b//iot-sitewise/latest/userguide/security-iam-awsmanpol.md
@@ -23 +23 @@ You can attach the `AWSIoTSiteWiseReadOnlyAccess` policy to your IAM identities.
-This policy provides read-only access to AWS IoT SiteWise. No other service permissions are included in this policy.
+This policy provides read-only access to AWS IoT SiteWise, including permissions to execute read-only SQL queries. No other service permissions are included in this policy.
@@ -256,0 +257 @@ Change | Description | Date
+AWSIoTSiteWiseReadOnlyAccess – Update to an existing policy |  AWS IoT SiteWise added the `iotsitewise:ExecuteQuery` permission to enable read-only SQL query execution through the AWS IoT SiteWise Grafana plugin. | September 25, 2025