AWS sap low security documentation change
Summary
Corrected IAM policy syntax by changing '{aws}' to 'AWS' in example policies to ensure valid JSON formatting
Security assessment
The change fixes incorrect IAM policy syntax that could lead to misconfigured permissions if users copy the example. While not addressing a specific vulnerability, improper IAM policies pose security risks through unintended access.
Diff
diff --git a/sap/latest/sap-hana/automated-patching.md b/sap/latest/sap-hana/automated-patching.md index 27808324d..c73b286ee 100644 --- a//sap/latest/sap-hana/automated-patching.md +++ b//sap/latest/sap-hana/automated-patching.md @@ -143 +143 @@ The following policy is an example Amazon S3 bucket policy that grants access to - "{aws}": "arn:aws:iam::{account_id}:role/service-role/{ec2_role}" + "AWS": "arn:aws:iam::{account_id}:role/service-role/{ec2_role}" @@ -296 +296 @@ You must set up IAM permissions for the Amazon S3 bucket. The following is a sam - "{aws}": "arn:aws:iam::{account_id}:role/service-role/{ec2_role}" + "AWS": "arn:aws:iam::{account_id}:role/service-role/{ec2_role}"