AWS medialive documentation change
Summary
Removed redundant explanation about default permissions and role assumption mechanics while maintaining core policy creation guidance
Security assessment
The change simplifies existing IAM policy documentation without introducing new security controls or addressing vulnerabilities. The removed text about console/CLI/API access denial by default was redundant with AWS security fundamentals, and the role assumption process removal doesn't impact policy examples' security validity.
Diff
diff --git a/medialive/latest/ug/security_iam_id-based-policy-examples.md b/medialive/latest/ug/security_iam_id-based-policy-examples.md index d180458d3..a2d3ec10a 100644 --- a//medialive/latest/ug/security_iam_id-based-policy-examples.md +++ b//medialive/latest/ug/security_iam_id-based-policy-examples.md @@ -9 +9 @@ Policy best practicesUsing the consoleAllow users to view their own permissions -By default, users and roles don't have permission to create or modify MediaLive resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles. +By default, users and roles don't have permission to create or modify MediaLive resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.