AWS workspaces-web documentation change
Summary
Removed details about policy action exceptions (e.g., permission-only actions, dependent actions) and simplified the explanation of the Action element.
Security assessment
The edit streamlines the description of IAM policy actions but does not introduce or resolve a security issue. The removed content was explanatory but not directly tied to a vulnerability.
Diff
diff --git a/workspaces-web/latest/adminguide/security_iam_service-with-iam-id-based-policies-actions.md b/workspaces-web/latest/adminguide/security_iam_service-with-iam-id-based-policies-actions.md index 3e9212cf6..de025ebbd 100644 --- a//workspaces-web/latest/adminguide/security_iam_service-with-iam-id-based-policies-actions.md +++ b//workspaces-web/latest/adminguide/security_iam_service-with-iam-id-based-policies-actions.md @@ -11,3 +11 @@ Administrators can use AWS JSON policies to specify who has access to what. That -The `Action` element of a JSON policy describes the actions that you can use to allow or deny access in a policy. Policy actions usually have the same name as the associated AWS API operation. There are some exceptions, such as _permission-only actions_ that don't have a matching API operation. There are also some operations that require multiple actions in a policy. These additional actions are called _dependent actions_. - -Include actions in a policy to grant permissions to perform the associated operation. +The `Action` element of a JSON policy describes the actions that you can use to allow or deny access in a policy. Include actions in a policy to grant permissions to perform the associated operation.