AWS r53recovery documentation change
Summary
Simplified IAM policy introduction by removing references to access methods and role assumption mechanics
Security assessment
Change focuses documentation on policy creation essentials. No security controls altered - maintains default deny principle and IAM policy requirement.
Diff
diff --git a/r53recovery/latest/dg/security_iam_id-based-policy-examples-routing.md b/r53recovery/latest/dg/security_iam_id-based-policy-examples-routing.md index e06f4fa31..b16676bcb 100644 --- a//r53recovery/latest/dg/security_iam_id-based-policy-examples-routing.md +++ b//r53recovery/latest/dg/security_iam_id-based-policy-examples-routing.md @@ -9 +9 @@ Policy best practicesExample: Console accessExamples: API actions -By default, users and roles don't have permission to create or modify ARC resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles. +By default, users and roles don't have permission to create or modify ARC resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.