AWS Security ChangesHomeSearch

AWS eventbridge documentation change

Service: eventbridge · 2025-10-25 · Documentation low

File: eventbridge/latest/userguide/eb-use-resource-based.md

Summary

Removed an example IAM policy for CloudWatch Logs permissions

Security assessment

The removal of an example policy does not inherently address a security issue. While it could impact configuration accuracy, there is no evidence of a specific vulnerability being resolved.

Diff

diff --git a/eventbridge/latest/userguide/eb-use-resource-based.md b/eventbridge/latest/userguide/eb-use-resource-based.md
index 084378826..a50bae60d 100644
--- a//eventbridge/latest/userguide/eb-use-resource-based.md
+++ b//eventbridge/latest/userguide/eb-use-resource-based.md
@@ -69,32 +68,0 @@ If you use the AWS Management Console to add CloudWatch Logs as the target of a
-The following example allows EventBridge to write to all log groups that have names that start with `/aws/events/`. If you use a different naming policy for these types of logs, adjust the example accordingly.
-
-JSON
-    
-
-****
-    
-    
-    
-    {
-        "Version":"2012-10-17",		 	 	 
-    
-        "Statement": [
-            {
-                "Action": [
-                    "logs:CreateLogStream",
-                    "logs:PutLogEvents"
-                ],
-                "Effect": "Allow",
-                "Principal": {
-                    "Service": [
-                        "events.amazonaws.com",
-                        "delivery.logs.amazonaws.com"
-                    ]
-                },
-                "Resource": "arn:aws:logs:us-east-1:123456789012:log-group:/aws/events/*:*",
-                "Sid": "TrustEventsToStoreLogEvent"
-            }
-        ]
-    }
-    
-