AWS Security ChangesHomeSearch

AWS workspaces-web documentation change

Service: workspaces-web · 2025-10-22 · Documentation low

File: workspaces-web/latest/adminguide/security_iam_service-with-iam-principal-permissions.md

Summary

Simplified explanation of Forward Access Sessions (FAS) by removing redundant details about principal context

Security assessment

The change clarifies FAS usage without altering security implications. No evidence of addressing vulnerabilities or security incidents.

Diff

diff --git a/workspaces-web/latest/adminguide/security_iam_service-with-iam-principal-permissions.md b/workspaces-web/latest/adminguide/security_iam_service-with-iam-principal-permissions.md
index 8391b032e..4eafd614c 100644
--- a//workspaces-web/latest/adminguide/security_iam_service-with-iam-principal-permissions.md
+++ b//workspaces-web/latest/adminguide/security_iam_service-with-iam-principal-permissions.md
@@ -9 +9 @@
-When you use an IAM user or role to perform actions in AWS, you are considered a principal. When you use some services, you might perform an action that then initiates another action in a different service. FAS uses the permissions of the principal calling an AWS service, combined with the requesting AWS service to make requests to downstream services. FAS requests are only made when a service receives a request that requires interactions with other AWS services or resources to complete. In this case, you must have permissions to perform both actions. For policy details when making FAS requests, see [Forward access sessions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_forward_access_sessions.html). 
+Forward access sessions (FAS) use the permissions of the principal calling an AWS service, combined with the requesting AWS service to make requests to downstream services. For policy details when making FAS requests, see [Forward access sessions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_forward_access_sessions.html).