AWS waf documentation change
Summary
Removed explanatory note about inability to specify principals in identity-based policies due to their attachment nature.
Security assessment
This is a documentation simplification that removes redundant explanation about IAM policy mechanics. The change doesn't alter security guidance or address vulnerabilities - it streamlines existing IAM policy documentation without changing security implications.
Diff
diff --git a/waf/latest/developerguide/nsd-iam.md b/waf/latest/developerguide/nsd-iam.md index 85cccec2c..807dce567 100644 --- a//waf/latest/developerguide/nsd-iam.md +++ b//waf/latest/developerguide/nsd-iam.md @@ -40 +40 @@ Identity-based policies are JSON permissions policy documents that you can attac -With IAM identity-based policies, you can specify allowed or denied actions and resources as well as the conditions under which actions are allowed or denied. You can't specify the principal in an identity-based policy because it applies to the user or role to which it is attached. To learn about all of the elements that you can use in a JSON policy, see [IAM JSON policy elements reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the _IAM User Guide_. +With IAM identity-based policies, you can specify allowed or denied actions and resources as well as the conditions under which actions are allowed or denied. To learn about all of the elements that you can use in a JSON policy, see [IAM JSON policy elements reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the _IAM User Guide_.