AWS Security ChangesHomeSearch

AWS iotevents documentation change

Service: iotevents · 2025-10-22 · Documentation low

File: iotevents/latest/developerguide/security-iam.md

Summary

Restructured IAM roles section into bullet points with role-specific guidance and links

Security assessment

The update clarifies IAM role responsibilities and links to security-related documentation (e.g., troubleshooting, policy examples). While improving security guidance, there is no evidence of addressing a specific security vulnerability.

Diff

diff --git a/iotevents/latest/developerguide/security-iam.md b/iotevents/latest/developerguide/security-iam.md
index eba9bd761..be3869046 100644
--- a//iotevents/latest/developerguide/security-iam.md
+++ b//iotevents/latest/developerguide/security-iam.md
@@ -36 +36,7 @@ AWS Identity and Access Management (IAM) is an AWS service that helps an adminis
-How you use AWS Identity and Access Management (IAM) differs, depending on the work that you do in AWS IoT Events.
+How you use AWS Identity and Access Management (IAM) differs based on your role:
+
+  * **Service user** \- request permissions from your administrator if you cannot access features (see [Troubleshoot AWS IoT Events identity and access](./security_iam_troubleshoot.html))
+
+  * **Service administrator** \- determine user access and submit permission requests (see How AWS IoT Events works with IAM)
+
+  * **IAM administrator** \- write policies to manage access (see [AWS IoT Events identity-based policy examples](./security_iam_id-based-policy-examples.html))
@@ -38 +43,0 @@ How you use AWS Identity and Access Management (IAM) differs, depending on the w
-**Service user** – If you use the AWS IoT Events service to do your job, then your administrator provides you with the credentials and permissions that you need. As you use more AWS IoT Events features to do your work, you might need additional permissions. Understanding how access is managed can help you request the right permissions from your administrator. If you cannot access a feature in AWS IoT Events, see [Troubleshoot AWS IoT Events identity and access](./security_iam_troubleshoot.html).
@@ -40 +44,0 @@ How you use AWS Identity and Access Management (IAM) differs, depending on the w
-**Service administrator** – If you're in charge of AWS IoT Events resources at your company, you probably have full access to AWS IoT Events. It's your job to determine which AWS IoT Events features and resources your service users should access. You must then submit requests to your IAM administrator to change the permissions of your service users. Review the information on this page to understand the basic concepts of IAM. To learn more about how your company can use IAM with AWS IoT Events, see How AWS IoT Events works with IAM.
@@ -42 +45,0 @@ How you use AWS Identity and Access Management (IAM) differs, depending on the w
-**IAM administrator** – If you're an IAM administrator, you might want to learn details about how you can write policies to manage access to AWS IoT Events. To view example AWS IoT Events identity-based policies that you can use in IAM, see [AWS IoT Events identity-based policy examples](./security_iam_id-based-policy-examples.html).