AWS managed-blockchain documentation change
Summary
Removed statement about users being unable to perform tasks via AWS Console/CLI/API by default, simplifying the default permissions explanation.
Security assessment
The change removes a redundant explanation about default access restrictions but does not alter the actual security controls or policies. The core security principle of least privilege remains intact in the documentation.
Diff
diff --git a/managed-blockchain/latest/ambbtc-dg/security_iam_id-based-policy-examples.md b/managed-blockchain/latest/ambbtc-dg/security_iam_id-based-policy-examples.md index d11f681d7..538c80536 100644 --- a//managed-blockchain/latest/ambbtc-dg/security_iam_id-based-policy-examples.md +++ b//managed-blockchain/latest/ambbtc-dg/security_iam_id-based-policy-examples.md @@ -9 +9 @@ Policy best practicesUsing the consoleAllow users to view their own permissionsA -By default, users and roles don't have permission to create or modify AMB Access Bitcoin resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles. +By default, users and roles don't have permission to create or modify AMB Access Bitcoin resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.