AWS Security ChangesHomeSearch

AWS fsx documentation change

Service: fsx · 2025-11-07 · Documentation medium

File: fsx/latest/ONTAPGuide/security-iam-awsmanpol.md

Summary

Added secretsmanager:ListSecrets permission to console policies for Secrets Manager access

Security assessment

The change documents new IAM permissions required for credential management but doesn't indicate a security vulnerability fix. It enhances security documentation by specifying required permissions for secure secret handling.

Diff

diff --git a/fsx/latest/ONTAPGuide/security-iam-awsmanpol.md b/fsx/latest/ONTAPGuide/security-iam-awsmanpol.md
index 693a31172..d387301d5 100644
--- a//fsx/latest/ONTAPGuide/security-iam-awsmanpol.md
+++ b//fsx/latest/ONTAPGuide/security-iam-awsmanpol.md
@@ -91,0 +92,2 @@ This policy includes the following permissions.
+  * `secretsmanager` – Allows principals to list secrets in AWS Secrets Manager for selecting domain join service account credentials.
+
@@ -126,0 +129,2 @@ This policy includes the following permissions.
+  * `secretsmanager` – Allows principals to list secrets in AWS Secrets Manager for selecting domain join service account credentials.
+
@@ -152,0 +157,2 @@ Change | Description | Date
+AmazonFSxConsoleFullAccess – Update to an existing policy | Amazon FSx added a new permission, `secretsmanager:ListSecrets` that allows principals to list secrets in AWS Secrets Manager for selecting domain join service account credentials. | November 5, 2025  
+AmazonFSxConsoleReadOnlyAccess – Update to an existing policy | Amazon FSx added a new permission, `secretsmanager:ListSecrets` that allows principals to list secrets in AWS Secrets Manager for selecting domain join service account credentials. | November 3, 2025