AWS Security ChangesHomeSearch

AWS mediatailor documentation change

Service: mediatailor · 2025-10-16 · Documentation medium

File: mediatailor/latest/ug/channel-assembly-access-configuration-access-configuring.md

Summary

Added JSON example for SecretsManager resource policy granting MediaTailor access to retrieve secret values

Security assessment

This change documents secure secret management practices but does not address a specific vulnerability. The example policy shows least-privilege access configuration for sensitive credentials, which is security best practice documentation rather than a response to an active security issue.

Diff

diff --git a/mediatailor/latest/ug/channel-assembly-access-configuration-access-configuring.md b/mediatailor/latest/ug/channel-assembly-access-configuration-access-configuring.md
index 0ff27e2e8..d5366f831 100644
--- a//mediatailor/latest/ug/channel-assembly-access-configuration-access-configuring.md
+++ b//mediatailor/latest/ug/channel-assembly-access-configuration-access-configuring.md
@@ -143,0 +144,24 @@ The following is a policy statement example that you can add for MediaTailor:
+JSON
+    
+
+****
+    
+    
+    
+    {
+    
+        "Version":"2012-10-17",		 	 	 
+        "Statement": [
+            {
+                "Effect": "Allow",
+                "Principal": {
+                    "Service": "mediatailor.amazonaws.com" 
+                },
+                "Action": "secretsmanager:GetSecretValue",
+                "Resource": "arn:aws:secretsmanager:us-east-1:111122223333:secret:secret-name" 
+            } 
+        ] 
+    
+    }
+    
+