AWS Security ChangesHomeSearch

AWS chatbot documentation change

Service: chatbot · 2025-10-22 · Documentation low

File: chatbot/latest/adminguide/security_iam_service-with-iam-id-based-policies.md

Summary

Condensed explanation of the Action element in IAM policies by removing details about permission-only actions and dependent actions.

Security assessment

The change simplifies the description of policy actions but removes contextual information about edge cases (e.g., permission-only actions). While this could marginally reduce clarity for policy authors, there is no indication of a resolved security issue or vulnerability. The update appears focused on brevity rather than security.

Diff

diff --git a/chatbot/latest/adminguide/security_iam_service-with-iam-id-based-policies.md b/chatbot/latest/adminguide/security_iam_service-with-iam-id-based-policies.md
index 449233920..dffe45d32 100644
--- a//chatbot/latest/adminguide/security_iam_service-with-iam-id-based-policies.md
+++ b//chatbot/latest/adminguide/security_iam_service-with-iam-id-based-policies.md
@@ -48,3 +48 @@ Administrators can use AWS JSON policies to specify who has access to what. That
-The `Action` element of a JSON policy describes the actions that you can use to allow or deny access in a policy. Policy actions usually have the same name as the associated AWS API operation. There are some exceptions, such as _permission-only actions_ that don't have a matching API operation. There are also some operations that require multiple actions in a policy. These additional actions are called _dependent actions_.
-
-Include actions in a policy to grant permissions to perform the associated operation.
+The `Action` element of a JSON policy describes the actions that you can use to allow or deny access in a policy. Include actions in a policy to grant permissions to perform the associated operation.