AWS appstream2 documentation change
Summary
Updated service name references from 'AppStream 2.0' to 'WorkSpaces Applications' throughout the document, including policy descriptions and section headers.
Security assessment
The changes are purely rebranding updates to reflect the new service name 'WorkSpaces Applications'. No modifications to security policies, permissions, or vulnerability disclosures were made. The content still describes the same IAM policies and security practices but with updated service nomenclature.
Diff
diff --git a/appstream2/latest/developerguide/managed-policies-required-to-access-appstream-resources.md b/appstream2/latest/developerguide/managed-policies-required-to-access-appstream-resources.md index f5a2968aa..7926eac3f 100644 --- a//appstream2/latest/developerguide/managed-policies-required-to-access-appstream-resources.md +++ b//appstream2/latest/developerguide/managed-policies-required-to-access-appstream-resources.md @@ -3 +3 @@ -[Documentation](/index.html)[Amazon AppStream 2.0](/appstream2/index.html)[Administration Guide](what-is-appstream.html) +[Documentation](/index.html)[Amazon WorkSpaces Applications](/appstream2/index.html)[Administration Guide](what-is-appstream.html) @@ -7 +7 @@ Policy updates -# AWS Managed Policies Required to Access AppStream 2.0 Resources +# AWS Managed Policies Required to Access WorkSpaces Applications Resources @@ -9 +9 @@ Policy updates -To provide full administrative or read-only access to AppStream 2.0, you must attach one of the following AWS managed policies to the IAM users or groups that require those permissions. An _AWS managed policy_ is a standalone policy that is created and administered by AWS. For more information, see [AWS Managed Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#aws-managed-policies) in the _IAM User Guide_. +To provide full administrative or read-only access to WorkSpaces Applications, you must attach one of the following AWS managed policies to the IAM users or groups that require those permissions. An _AWS managed policy_ is a standalone policy that is created and administered by AWS. For more information, see [AWS Managed Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#aws-managed-policies) in the _IAM User Guide_. @@ -13 +13 @@ To provide full administrative or read-only access to AppStream 2.0, you must at -In AWS, IAM roles are used to grant permissions to an AWS service so it can access AWS resources. The policies that are attached to the role determine which AWS resources the service can access and what it can do with those resources. For AppStream 2.0, in addition to having the permissions defined in the **AmazonAppStreamFullAccess** policy, you must also have the required roles in your AWS account. For more information, see [Roles Required for AppStream 2.0, Application Auto Scaling, and AWS Certificate Manager Private CA](./roles-required-for-appstream.html). +In AWS, IAM roles are used to grant permissions to an AWS service so it can access AWS resources. The policies that are attached to the role determine which AWS resources the service can access and what it can do with those resources. For WorkSpaces Applications, in addition to having the permissions defined in the **AmazonAppStreamFullAccess** policy, you must also have the required roles in your AWS account. For more information, see [Roles Required for WorkSpaces Applications, Application Auto Scaling, and AWS Certificate Manager Private CA](./roles-required-for-appstream.html). @@ -18 +18 @@ In AWS, IAM roles are used to grant permissions to an AWS service so it can acce -This managed policy provides full administrative access to AppStream 2.0 resources. To manage AppStream 2.0 resources and perform API actions through the AWS Command Line Interface (AWS CLI), AWS SDK, or AWS Management Console, you must have the permissions defined in this policy. +This managed policy provides full administrative access to WorkSpaces Applications resources. To manage WorkSpaces Applications resources and perform API actions through the AWS Command Line Interface (AWS CLI), AWS SDK, or AWS Management Console, you must have the permissions defined in this policy. @@ -20 +20 @@ This managed policy provides full administrative access to AppStream 2.0 resourc -If you sign into the AppStream 2.0 console as an IAM user, you must attach this policy to your AWS account. If you sign in through console federation, you must attach this policy to the IAM role that was used for federation. +If you sign into the WorkSpaces Applications console as an IAM user, you must attach this policy to your AWS account. If you sign in through console federation, you must attach this policy to the IAM role that was used for federation. @@ -27 +27 @@ To view the permissions for this policy, see [AmazonAppStreamFullAccess](https:/ -This identity-based policy grants users read-only permissions to view and monitor AppStream 2.0 resources and related service configurations. Users can access the AppStream 2.0 console to view streaming applications, fleet status, usage reports, and associated resources, but cannot make any changes. The policy also includes necessary read permissions for supporting services like IAM, Application Auto Scaling, and CloudWatch to enable comprehensive monitoring and reporting capabilities. +This identity-based policy grants users read-only permissions to view and monitor WorkSpaces Applications resources and related service configurations. Users can access the WorkSpaces Applications console to view streaming applications, fleet status, usage reports, and associated resources, but cannot make any changes. The policy also includes necessary read permissions for supporting services like IAM, Application Auto Scaling, and CloudWatch to enable comprehensive monitoring and reporting capabilities. @@ -31 +31 @@ To view the permissions for this policy, see [AmazonAppStreamReadOnlyAccess](htt -The AppStream 2.0 console uses an additional action that provides functionality that is not available through the AWS CLI or AWS SDK. The **AmazonAppStreamFullAccess** and **AmazonAppStreamReadOnlyAccess** policies both provide permissions for the following action. +The WorkSpaces Applications console uses an additional action that provides functionality that is not available through the AWS CLI or AWS SDK. The **AmazonAppStreamFullAccess** and **AmazonAppStreamReadOnlyAccess** policies both provide permissions for the following action. @@ -47 +47 @@ To view the permissions for this policy, see [AmazonAppStreamPCAAccess](https:// -This managed policy is the default policy for the AppStream 2.0 service role. +This managed policy is the default policy for the WorkSpaces Applications service role. @@ -49 +49 @@ This managed policy is the default policy for the AppStream 2.0 service role. -This role permissions policy allows AppStream 2.0 to complete the following actions: +This role permissions policy allows WorkSpaces Applications to complete the following actions: @@ -51 +51 @@ This role permissions policy allows AppStream 2.0 to complete the following acti - * When using subnets in your account for your AppStream 2.0 fleets, AppStream 2.0 is able to describe subnets, VPCs, and availability zones, as well as create and manage the lifecycle of all elastic network interfaces associated with the fleet instances in those subnets. This also includes being able to attach Security Groups and IP addresses from those subnets to those elastic network interfaces. + * When using subnets in your account for your WorkSpaces Applications fleets, WorkSpaces Applications is able to describe subnets, VPCs, and availability zones, as well as create and manage the lifecycle of all elastic network interfaces associated with the fleet instances in those subnets. This also includes being able to attach Security Groups and IP addresses from those subnets to those elastic network interfaces. @@ -53 +53 @@ This role permissions policy allows AppStream 2.0 to complete the following acti - * When using features such as UPP and HomeFolders, AppStream 2.0 is able to create and manage Amazon S3 buckets, objects and their lifecyles, policies, and encryption configuration in the account. These buckets include the following naming prefixes: + * When using features such as UPP and HomeFolders, WorkSpaces Applications is able to create and manage Amazon S3 buckets, objects and their lifecyles, policies, and encryption configuration in the account. These buckets include the following naming prefixes: @@ -69 +69 @@ To view the permissions for this policy, see [AmazonAppStreamServiceAccess](http -This managed policy enables application autoscaling for AppStream 2.0. +This managed policy enables application autoscaling for WorkSpaces Applications. @@ -76 +76 @@ To view the permissions for this policy, see [ApplicationAutoScalingForAmazonApp -This managed policy grants permissions for Application Auto Scaling to access AppStream 2.0 and CloudWatch . +This managed policy grants permissions for Application Auto Scaling to access WorkSpaces Applications and CloudWatch . @@ -80 +80 @@ To view the permissions for this policy, see [AWSApplicationAutoscalingAppStream -## AppStream 2.0 updates to AWS managed policies +## WorkSpaces Applications updates to AWS managed policies @@ -82 +82 @@ To view the permissions for this policy, see [AWSApplicationAutoscalingAppStream -View details about updates to AWS managed policies for AppStream 2.0 since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the [Document History for Amazon AppStream 2.0](./doc-history.html) page. +View details about updates to AWS managed policies for WorkSpaces Applications since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the [Document History for Amazon WorkSpaces Applications](./doc-history.html) page. @@ -87 +87 @@ AmazonAppStreamReadOnlyAccess – Change | Removed `"appstream:Get*",` from the -AppStream 2.0 started tracking changes | AppStream 2.0 started tracking changes for its AWS managed policies | October 31, 2022 +WorkSpaces Applications started tracking changes | WorkSpaces Applications started tracking changes for its AWS managed policies | October 31, 2022 @@ -95 +95 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Access to AppStream 2.0 Resources +Access to WorkSpaces Applications Resources @@ -97 +97 @@ Access to AppStream 2.0 Resources -Roles Required for AppStream 2.0, Application Auto Scaling, and AWS Certificate Manager Private CA +Roles Required for WorkSpaces Applications, Application Auto Scaling, and AWS Certificate Manager Private CA