AWS incident-manager documentation change
Summary
Removed specific mention of AWS Management Console, CLI, and API from default permissions explanation. Simplified statement about default permissions.
Security assessment
The change removes redundant technical details about access methods but doesn't alter the security model or address vulnerabilities. The core security principle of least privilege remains unchanged.
Diff
diff --git a/incident-manager/latest/userguide/security_iam_id-based-policy-examples.md b/incident-manager/latest/userguide/security_iam_id-based-policy-examples.md index 7928e9f07..f39350065 100644 --- a//incident-manager/latest/userguide/security_iam_id-based-policy-examples.md +++ b//incident-manager/latest/userguide/security_iam_id-based-policy-examples.md @@ -11 +11 @@ AWS Systems Manager Incident Manager will no longer be open to new customers sta -By default, users and roles don't have permission to create or modify Incident Manager resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles. +By default, users and roles don't have permission to create or modify Incident Manager resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.