AWS Security ChangesHomeSearch

AWS apigateway documentation change

Service: apigateway · 2025-10-16 · Documentation low

File: apigateway/latest/developerguide/security_iam_troubleshoot.md

Summary

Updated example IAM authorization error message to clarify that the denial is due to missing identity-based policies

Security assessment

The change improves documentation about IAM policy troubleshooting by providing more explicit error message examples. While related to security practices, there is no evidence this addresses a specific vulnerability or security incident. The modification enhances clarity for security configuration guidance.

Diff

diff --git a/apigateway/latest/developerguide/security_iam_troubleshoot.md b/apigateway/latest/developerguide/security_iam_troubleshoot.md
index 246bc29c5..7b1fc02a4 100644
--- a//apigateway/latest/developerguide/security_iam_troubleshoot.md
+++ b//apigateway/latest/developerguide/security_iam_troubleshoot.md
@@ -29 +29 @@ The following example error occurs when the `mateojackson` IAM user tries to use
-    User: arn:aws:iam::123456789012:user/mateojackson is not authorized to perform: apigateway:GetWidget on resource: my-example-widget
+    User: arn:aws:iam::123456789012:user/mateojackson is not authorized to perform: apigateway:GetWidget on resource: my-example-widget because no identity-based policy allows the GetWidget action