AWS Security ChangesHomeSearch

AWS comprehend documentation change

Service: comprehend · 2025-10-22 · Documentation low

File: comprehend/latest/dg/security_iam_id-based-policy-examples.md

Summary

Removed a sentence stating users can't perform tasks via AWS Console/CLI/API without permissions, focusing the text on IAM policy creation.

Security assessment

The change removes an explanatory note about default access restrictions but does not alter security recommendations or introduce new vulnerabilities. The core IAM policy guidance remains unchanged.

Diff

diff --git a/comprehend/latest/dg/security_iam_id-based-policy-examples.md b/comprehend/latest/dg/security_iam_id-based-policy-examples.md
index 24cc9968a..404f198a5 100644
--- a//comprehend/latest/dg/security_iam_id-based-policy-examples.md
+++ b//comprehend/latest/dg/security_iam_id-based-policy-examples.md
@@ -9 +9 @@ Policy best practicesUsing the consoleAllow users to view their own permissions
-By default, users and roles don't have permission to create or modify Amazon Comprehend resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles.
+By default, users and roles don't have permission to create or modify Amazon Comprehend resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.