AWS AmazonCloudWatch documentation change
Summary
Documented updates to CloudWatchReadOnlyAccess and CloudWatchFullAccessV2 policies with new CloudTrail/Service Quotas permissions
Security assessment
The change documents expanded IAM policy permissions for monitoring features but does not address a security vulnerability. It adds documentation about security-relevant IAM policies supporting new observability features.
Diff
diff --git a/AmazonCloudWatch/latest/monitoring/DocumentHistory.md b/AmazonCloudWatch/latest/monitoring/DocumentHistory.md index cbd8f6c89..d019f9c54 100644 --- a//AmazonCloudWatch/latest/monitoring/DocumentHistory.md +++ b//AmazonCloudWatch/latest/monitoring/DocumentHistory.md @@ -10,0 +11,2 @@ Change| Description| Date +Updated CloudWatchReadOnlyAccess policy| CloudWatch updated [CloudWatchReadOnlyAccess](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/auth-and-access-control-cw.html#managed-policies-cloudwatch-CloudWatchReadOnlyAccess) to include CloudTrail and Service Quotas permissions to support top observations and change indicators functionality within Application Signals. | October 8, 2025 +Updated CloudWatchFullAccessV2 policy| CloudWatch updated [CloudWatchFullAccessV2](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/auth-and-access-control-cw.html#managed-policies-cloudwatch-CloudWatchFullAccessV2) to include CloudTrail and Service Quotas permissions to support top observations and change indicators functionality within Application Signals. | October 8, 2025