AWS controlcatalog documentation change
Summary
Removed mention of specific interfaces (Management Console, CLI, API) where users lack permissions by default, simplifying the explanation of default access restrictions.
Security assessment
The change removes redundant details about access methods (Console/CLI/API) but does not alter the security posture or address vulnerabilities. It maintains the same security guidance regarding IAM policy requirements without introducing new security features or mitigations.
Diff
diff --git a/controlcatalog/latest/userguide/security_iam_id-based-policy-examples.md b/controlcatalog/latest/userguide/security_iam_id-based-policy-examples.md index f0d820400..ffd18f166 100644 --- a//controlcatalog/latest/userguide/security_iam_id-based-policy-examples.md +++ b//controlcatalog/latest/userguide/security_iam_id-based-policy-examples.md @@ -9 +9 @@ Policy best practicesAllow users to view their own permissionsAllow users to vie -By default, users and roles don't have permission to create or modify AWS Control Catalog resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles. +By default, users and roles don't have permission to create or modify AWS Control Catalog resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.