AWS pinpoint documentation change
Summary
Updated IAM policy examples with concrete account numbers and regions, removed redundant JSON output example
Security assessment
Changes involve replacing placeholder values (accountId/region) with example values (111122223333/us-east-1) and removing redundant JSON. This improves documentation clarity but doesn't address security vulnerabilities or add security features.
Diff
diff --git a/pinpoint/latest/developerguide/permissions-import-segment.md b/pinpoint/latest/developerguide/permissions-import-segment.md index b7d997eec..a06a44456 100644 --- a//pinpoint/latest/developerguide/permissions-import-segment.md +++ b//pinpoint/latest/developerguide/permissions-import-segment.md @@ -29,0 +30,6 @@ Complete the following steps to create the IAM role by using the AWS Command Lin +JSON + + +**** + + @@ -41 +47 @@ Complete the following steps to create the IAM role by using the AWS Command Lin - "aws:SourceAccount": "accountId" + "aws:SourceAccount": "111122223333" @@ -44 +50 @@ Complete the following steps to create the IAM role by using the AWS Command Lin - "arn:aws:mobiletargeting:region:accountId:apps/application-id" + "aws:SourceArn": "arn:aws:mobiletargeting:us-east-1:111122223333:apps/application-id" @@ -67,30 +73,0 @@ After you run this command, you see output that's similar to the following in yo - { - "Role": { - "AssumeRolePolicyDocument": { - "Version": "2012-10-17", - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "pinpoint.amazonaws.com" - }, - "Condition": { - "StringEquals": { - "aws:SourceAccount": "accountId" - }, - "ArnLike": { - "aws:SourceArn": "arn:aws:mobiletargeting:region:accountId:apps/application-id" - } - } - } - ] - }, - "RoleId": "AIDACKCEVSQ6C2EXAMPLE", - "CreateDate": "2016-12-20T00:44:37.406Z", - "RoleName": "PinpointSegmentImport", - "Path": "/", - "Arn": "arn:aws:iam::accountId:role/PinpointSegmentImport" - } - } -