AWS datasync documentation change
Summary
Removed detailed cross-account bucket policy JSON example
Security assessment
Removal of policy examples doesn't indicate security fixes. Maintains same security context through placeholder without adding new security guidance.
Diff
diff --git a/datasync/latest/userguide/tutorial_s3-s3-cross-account-transfer.md b/datasync/latest/userguide/tutorial_s3-s3-cross-account-transfer.md index 8aea374ea..98c2851b9 100644 --- a//datasync/latest/userguide/tutorial_s3-s3-cross-account-transfer.md +++ b//datasync/latest/userguide/tutorial_s3-s3-cross-account-transfer.md @@ -290,28 +290,7 @@ In your destination account, modify the destination S3 bucket policy to include - { - "Version": "2008-10-17", - "Statement": [ - { - "Sid": "DataSyncCreateS3LocationAndTaskAccess", - "Effect": "Allow", - "Principal": { - "AWS": "arn:aws:iam::source-account:role/source-datasync-role" - }, - "Action": [ - "s3:GetBucketLocation", - "s3:ListBucket", - "s3:ListBucketMultipartUploads", - "s3:AbortMultipartUpload", - "s3:DeleteObject", - "s3:GetObject", - "s3:ListMultipartUploadParts", - "s3:PutObject", - "s3:GetObjectTagging", - "s3:PutObjectTagging" - ], - "Resource": [ - "arn:aws:s3:::amzn-s3-demo-destination-bucket", - "arn:aws:s3:::amzn-s3-demo-destination-bucket/*" - ] - } - ] - } +JSON + + +**** + + +