AWS r53recovery documentation change
Summary
Added JSON trust policy example allowing arc-region-switch service to assume roles
Security assessment
Introduces required trust policy configuration for secure service-to-service authorization. While security-related documentation, there's no indication this addresses a specific vulnerability - appears to be standard security guidance addition.
Diff
diff --git a/r53recovery/latest/dg/security_iam_region_switch_trust_policy.md b/r53recovery/latest/dg/security_iam_region_switch_trust_policy.md index 85244b996..a160c4590 100644 --- a//r53recovery/latest/dg/security_iam_region_switch_trust_policy.md +++ b//r53recovery/latest/dg/security_iam_region_switch_trust_policy.md @@ -8,0 +9,21 @@ This is the trust policy required for the plan's execution role, so that ARC can +JSON + + +**** + + + + { + "Version":"2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "arc-region-switch.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + } + +