AWS codeguru documentation change
Summary
Restructured IAM audience documentation into bullet points with role-specific guidance and added links to related security resources
Security assessment
The changes clarify IAM role responsibilities and link to security troubleshooting/policy examples, improving access management guidance. However, there is no evidence of addressing a specific vulnerability or security incident.
Diff
diff --git a/codeguru/latest/profiler-ug/security_iam_audience.md b/codeguru/latest/profiler-ug/security_iam_audience.md index 7d85200e3..cadbcc5f2 100644 --- a//codeguru/latest/profiler-ug/security_iam_audience.md +++ b//codeguru/latest/profiler-ug/security_iam_audience.md @@ -7 +7,7 @@ -How you use AWS Identity and Access Management (IAM) differs, depending on the work that you do in CodeGuru Profiler. +How you use AWS Identity and Access Management (IAM) differs based on your role: + + * **Service user** \- request permissions from your administrator if you cannot access features (see [Troubleshooting CodeGuru Profiler identity and access](./security_iam_troubleshoot.html)) + + * **Service administrator** \- determine user access and submit permission requests (see [Overview of managing access permissions to your CodeGuru Profiler resources](./security_iam_service-with-iam.html)) + + * **IAM administrator** \- write policies to manage access (see [Customer managed policy examples](./auth-and-access-control-iam-identity-based-access-control.html#security_iam_id-based-policy-examples)) @@ -9 +14,0 @@ How you use AWS Identity and Access Management (IAM) differs, depending on the w -**Service user** – If you use the CodeGuru Profiler service to do your job, then your administrator provides you with the credentials and permissions that you need. As you use more CodeGuru Profiler features to do your work, you might need additional permissions. Understanding how access is managed can help you request the right permissions from your administrator. If you cannot access a feature in CodeGuru Profiler, see [Troubleshooting CodeGuru Profiler identity and access](./security_iam_troubleshoot.html). @@ -11 +15,0 @@ How you use AWS Identity and Access Management (IAM) differs, depending on the w -**Service administrator** – If you're in charge of CodeGuru Profiler resources at your company, you probably have full access to CodeGuru Profiler. It's your job to determine which CodeGuru Profiler features and resources your service users should access. You must then submit requests to your IAM administrator to change the permissions of your service users. Review the information on this page to understand the basic concepts of IAM. To learn more about how your company can use IAM with CodeGuru Profiler, see [Overview of managing access permissions to your CodeGuru Profiler resources](./security_iam_service-with-iam.html). @@ -13 +16,0 @@ How you use AWS Identity and Access Management (IAM) differs, depending on the w -**IAM administrator** – If you're an IAM administrator, you might want to learn details about how you can write policies to manage access to CodeGuru Profiler. To view example CodeGuru Profiler identity-based policies that you can use in IAM, see [Customer managed policy examples](./auth-and-access-control-iam-identity-based-access-control.html#security_iam_id-based-policy-examples).