AWS AmazonECS documentation change
Summary
Removed section about awsvpcTrunking account setting permissions and updated policy syntax
Security assessment
Removes outdated IAM policy requirements but does not indicate a security vulnerability. Appears to be documentation cleanup rather than a security-related change.
Diff
diff --git a/AmazonECS/latest/developerguide/instance_IAM_role.md b/AmazonECS/latest/developerguide/instance_IAM_role.md index 051719059..fdacdcf9d 100644 --- a//AmazonECS/latest/developerguide/instance_IAM_role.md +++ b//AmazonECS/latest/developerguide/instance_IAM_role.md @@ -5 +5 @@ -Create the container instance roleAmazon ECR permissions Permissions required for setting the awsvpcTrunking account setting Amazon S3 read-only access Permissions required for setting the awsvpcTrunking account settingMonitoring container instances permissions +Create the container instance roleAmazon ECR permissions Permissions required for setting the awsvpcTrunking account setting Amazon S3 read-only access Monitoring container instances permissions @@ -212,27 +211,0 @@ You can also use the IAM console to add Amazon S3 read-only access (`AmazonS3Rea -## Permissions required for setting the awsvpcTrunking account setting - -The Amazon ECS container instance role that you use with your container instances must have the following IAM policy permissions for setting the account setting - -JSON - - -**** - - - - { - "Version":"2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "ecs:ListAccountSettings", - "ecs:ListAttributes", - "ecs:PutAccountSetting" - ], - "Resource": "*" - } - ] - } - - @@ -261 +234 @@ If this is your first time choosing **Policies** , the **Welcome to Managed Poli - "Version": "2012-10-17",&TCX5-2025-waiver; + "Version": "2012-10-17",