AWS macie documentation change
Summary
Simplified explanation of default permissions by removing specific references to AWS Management Console, CLI, and API access limitations, and removed mention of users assuming roles
Security assessment
The change appears to be a documentation simplification rather than addressing a specific security vulnerability. While discussing IAM policies is security-related, there's no evidence this change fixes a security issue or adds new security guidance. The removed text was redundant rather than security-critical.
Diff
diff --git a/macie/latest/user/security_iam_id-based-policy-examples.md b/macie/latest/user/security_iam_id-based-policy-examples.md index 24027b401..b3a4f1fc7 100644 --- a//macie/latest/user/security_iam_id-based-policy-examples.md +++ b//macie/latest/user/security_iam_id-based-policy-examples.md @@ -9 +9 @@ Policy best practicesUsing the Macie consoleExample: Allow users to review their -By default, users and roles don't have permission to create or modify Macie resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles. +By default, users and roles don't have permission to create or modify Macie resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.