AWS firehose documentation change
Summary
Deleted an example IAM policy granting Secrets Manager and KMS decrypt permissions
Security assessment
Removal of a policy example reduces guidance for secure configuration but doesn't indicate a security fix. The change removes documentation rather than addressing a specific vulnerability, though it could impact users' ability to implement least-privilege access.
Diff
diff --git a/firehose/latest/dev/secrets-manager-how.md b/firehose/latest/dev/secrets-manager-how.md index 2531fbb5a..c0ea2643d 100644 --- a//firehose/latest/dev/secrets-manager-how.md +++ b//firehose/latest/dev/secrets-manager-how.md @@ -45,15 +44,0 @@ For more information on IAM policies, see [Permissions policy examples for AWS S - { - "Version": "2012-10-17", - "Statement": [{ - "Effect": "Allow", - "Action": "secretsmanager:GetSecretValue", - "Resource": "Secret ARN" - }, - { - "Effect": "Allow", - "Action": "kms:Decrypt", - "Resource": "KMSKeyARN" - } - ] - } -