AWS Security ChangesHomeSearch

AWS step-functions documentation change

Service: step-functions · 2025-10-22 · Documentation low

File: step-functions/latest/dg/security_iam_id-based-policy-examples.md

Summary

Shortened explanation of default permissions, removing specific references to AWS Management Console, CLI, and API access

Security assessment

The change reduces redundancy in stating default deny permissions but does not alter security guidance or address a specific security issue. Core policy enforcement mechanisms remain unchanged.

Diff

diff --git a/step-functions/latest/dg/security_iam_id-based-policy-examples.md b/step-functions/latest/dg/security_iam_id-based-policy-examples.md
index 3b1d257d6..27a4a2dd9 100644
--- a//step-functions/latest/dg/security_iam_id-based-policy-examples.md
+++ b//step-functions/latest/dg/security_iam_id-based-policy-examples.md
@@ -9 +9 @@ Policy best practicesUsing the consoleAllow users to view their own permissions
-By default, users and roles don't have permission to create or modify Step Functions resources. They also can't perform tasks by using the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS API. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies. The administrator can then add the IAM policies to roles, and users can assume the roles.
+By default, users and roles don't have permission to create or modify Step Functions resources. To grant users permission to perform actions on the resources that they need, an IAM administrator can create IAM policies.