AWS greengrass documentation change
Summary
Removed an IAM policy example for CloudWatch log access.
Security assessment
Policy removal does not indicate a security issue but may reflect documentation cleanup or updated best practices. No explicit security context provided.
Diff
diff --git a/greengrass/v2/developerguide/system-log-forwarder-component.md b/greengrass/v2/developerguide/system-log-forwarder-component.md index 7ca108e41..2caee1347 100644 --- a//greengrass/v2/developerguide/system-log-forwarder-component.md +++ b//greengrass/v2/developerguide/system-log-forwarder-component.md @@ -65,17 +64,0 @@ The component requires access to create log and stream groups in CloudWatch as w - - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": ["logs:CreateLogGroup"], - "Resource": "arn:aws::logs:us-east-1:123456789012:log-group:greengrass/systemLogs:*" - }, - { - "Effect": "Allow", - "Action": ["logs:CreateLogStream", "logs:PutLogEvents"], - "Resource": "arn:aws::logs:us-east-1:123456789012:log-group:greengrass/systemLogs:log-stream:${credentials-iot:ThingName}" - } - ] - } -