AWS efs documentation change
Summary
Simplified explanation of default permissions and removed references to specific interfaces (AWS Management Console, CLI, API) in IAM policy documentation
Security assessment
The change removes specific examples of access methods but does not address a specific vulnerability or security incident. It appears to be a general documentation clarification rather than a security fix. While IAM policies are security-related, there's no evidence this change was prompted by a newly discovered weakness.
Diff
diff --git a/efs/latest/ug/security_iam_id-based-policy-examples.md b/efs/latest/ug/security_iam_id-based-policy-examples.md index 71d2d75a7..060a43dbf 100644 --- a//efs/latest/ug/security_iam_id-based-policy-examples.md +++ b//efs/latest/ug/security_iam_id-based-policy-examples.md @@ -9 +9 @@ Policy best practicesUsing the consoleExample: Allow users to view their own per -By default, users and roles don't have permission to create or modify Amazon EFS resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles. +By default, users and roles don't have permission to create or modify Amazon EFS resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.