AWS Security ChangesHomeSearch

AWS iot-sitewise documentation change

Service: iot-sitewise · 2025-10-22 · Documentation low

File: iot-sitewise/latest/userguide/security_iam_service-with-iam-roles.md

Summary

Updated explanation of Forward Access Sessions (FAS) to use more precise terminology and remove redundant operational details.

Security assessment

Clarifies existing IAM role delegation mechanics without introducing new security features or addressing vulnerabilities. The change improves accuracy but doesn't modify security guidance.

Diff

diff --git a/iot-sitewise/latest/userguide/security_iam_service-with-iam-roles.md b/iot-sitewise/latest/userguide/security_iam_service-with-iam-roles.md
index ae97c0e2d..f5d472ae5 100644
--- a//iot-sitewise/latest/userguide/security_iam_service-with-iam-roles.md
+++ b//iot-sitewise/latest/userguide/security_iam_service-with-iam-roles.md
@@ -38 +38 @@ For more information about federated portal user permissions, see [Use service r
-When you use an IAM user or role to perform actions in AWS, you are considered a principal. When you use some services, you might perform an action that then initiates another action in a different service. FAS uses the permissions of the principal calling an AWS service, combined with the requesting AWS service to make requests to downstream services. FAS requests are only made when a service receives a request that requires interactions with other AWS services or resources to complete. In this case, you must have permissions to perform both actions. For policy details when making FAS requests, see [Forward access sessions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_forward_access_sessions.html). 
+Forward access sessions (FAS) use the permissions of the principal calling an AWS service, combined with the requesting AWS service to make requests to downstream services. For policy details when making FAS requests, see [Forward access sessions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_forward_access_sessions.html).