AWS Security ChangesHomeSearch

AWS managedservices documentation change

Service: managedservices · 2025-10-25 · Documentation low

File: managedservices/latest/userguide/mon-cwai.md

Summary

Changed IAM change type from 'review required' to 'managed automation' for CloudWatch Application Insights setup

Security assessment

The change modifies the process flow for IAM role creation but does not address any specific security vulnerability or weakness. It indicates a shift to managed automation rather than manual review, but there's no evidence this was prompted by a security incident.

Diff

diff --git a/managedservices/latest/userguide/mon-cwai.md b/managedservices/latest/userguide/mon-cwai.md
index 499b68e45..625d4ba2f 100644
--- a//managedservices/latest/userguide/mon-cwai.md
+++ b//managedservices/latest/userguide/mon-cwai.md
@@ -13 +13 @@ AMS does not monitor problems from CloudWatch Application Insights because they
-To use CloudWatch Application Insights, submit an RFC with the Deployment | Advanced stack components | Identity and Access Management (IAM) | Create entity or policy (review required) change type (ct-3dpd8mdd9jn1r) with a request to create an IAM role that provides you with permission to configure CloudWatch Application Insights. There are two options to receive the problems identified: through an SNS topic or with a target in CloudWatch Event rules. In the RFC, specify which you want. If you plan to use CloudWatch Event rules, also specify the rule definition in the RFC. After you're set up with CloudWatch Application Insights, you receive notice of potential problems including insights that point to a possible root cause. 
+To use CloudWatch Application Insights, submit an RFC with the Deployment | Advanced stack components | Identity and Access Management (IAM) | Create entity or policy (managed automation) change type (ct-3dpd8mdd9jn1r) with a request to create an IAM role that provides you with permission to configure CloudWatch Application Insights. There are two options to receive the problems identified: through an SNS topic or with a target in CloudWatch Event rules. In the RFC, specify which you want. If you plan to use CloudWatch Event rules, also specify the rule definition in the RFC. After you're set up with CloudWatch Application Insights, you receive notice of potential problems including insights that point to a possible root cause.