AWS datapipeline documentation change
Summary
Added JSON section markers and removed policy examples
Security assessment
Structural changes without security implications. Removed examples may have been redundant.
Diff
diff --git a/datapipeline/latest/DeveloperGuide/dp-iam-resourcebased-access.md b/datapipeline/latest/DeveloperGuide/dp-iam-resourcebased-access.md index 48c55e5b2..2483a1569 100644 --- a//datapipeline/latest/DeveloperGuide/dp-iam-resourcebased-access.md +++ b//datapipeline/latest/DeveloperGuide/dp-iam-resourcebased-access.md @@ -82,0 +83,6 @@ To achieve this scenario, the manager tags the production pipelines with the "en +JSON + + +**** + + @@ -109,0 +117,6 @@ In addition, the manager attaches the following policy to the production IAM gro +JSON + + +**** + + @@ -132,27 +145,0 @@ To achieve this scenario, the manager installs task runner on the production res - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "datapipeline:Describe*", - "datapipeline:ListPipelines", - "datapipeline:GetPipelineDefinition", - "datapipeline:QueryObjects" - ], - "Resource": "*" - }, - { - "Action": "datapipeline:*", - "Effect": "Allow", - "Resource": "*", - "Condition": { - "StringLike": { - "datapipeline:workerGroup": ["dev*","pre-prod*"] - } - } - } - ] - } - @@ -161,25 +147,0 @@ In addition, the manager attaches the following policy to the production IAM gro - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "datapipeline:Describe*", - "datapipeline:ListPipelines", - "datapipeline:GetPipelineDefinition", - "datapipeline:QueryObjects" - ], - "Resource": "*" - }, - { - "Effect": "Allow", - "Action": "datapipeline:*", - "Resource": "*", - "Condition": { - "StringLike": {"datapipeline:workerGroup": "prodresource*"} - } - } - ] - } -