AWS Security ChangesHomeSearch

AWS global-accelerator documentation change

Service: global-accelerator · 2025-10-22 · Documentation low

File: global-accelerator/latest/dg/security_iam_id-based-policy-examples.md

Summary

Removed explicit mention of AWS Management Console, CLI, and API from default permissions statement. Simplified explanation of IAM administrator responsibilities.

Security assessment

The change simplifies existing IAM policy documentation without introducing new security considerations or addressing vulnerabilities. Removing references to specific interfaces (Console/CLI/API) does not alter security implications - it maintains the same default permission model where users require explicit policies.

Diff

diff --git a/global-accelerator/latest/dg/security_iam_id-based-policy-examples.md b/global-accelerator/latest/dg/security_iam_id-based-policy-examples.md
index 1e0932d5f..c5f0895ad 100644
--- a//global-accelerator/latest/dg/security_iam_id-based-policy-examples.md
+++ b//global-accelerator/latest/dg/security_iam_id-based-policy-examples.md
@@ -9 +9 @@ Policy best practicesCreating an acceleratorUsing the consoleUsing an API action
-By default, users and roles don't have permission to create or modify Global Accelerator resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles.
+By default, users and roles don't have permission to create or modify Global Accelerator resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.