AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2025-11-16 · Documentation medium

File: cli/latest/reference/datazone/delete-subscription-grant.md

Summary

Added documentation for asset permissions structure including S3 permissions (READ/WRITE) and environmentId parameter

Security assessment

The change adds documentation about S3 permissions granularity (READ/WRITE) which relates to access control security features. However, there's no indication this addresses a specific security vulnerability - rather it documents existing security controls.

Diff

diff --git a/cli/latest/reference/datazone/delete-subscription-grant.md b/cli/latest/reference/datazone/delete-subscription-grant.md
index 1f0adda05..82b8289b8 100644
--- a//cli/latest/reference/datazone/delete-subscription-grant.md
+++ b//cli/latest/reference/datazone/delete-subscription-grant.md
@@ -15 +15 @@
-  * [AWS CLI 2.31.35 Command Reference](../../index.html) »
+  * [AWS CLI 2.31.37 Command Reference](../../index.html) »
@@ -289,0 +290,21 @@ assets -> (list)
+>> 
+>> permissions -> (tagged union structure)
+>>
+>>> The asset permissions.
+>>> 
+>>> ### Note
+>>> 
+>>> This is a Tagged Union structure. Only one of the following top level keys can be set: `s3`.
+>>> 
+>>> s3 -> (list)
+>>>
+>>>> The S3 details of the asset permissions.
+>>>> 
+>>>> (string)
+>>>>
+>>>>> Possible values:
+>>>>> 
+>>>>>   * `READ`
+>>>>>   * `WRITE`
+>>>>> 
+
@@ -329,0 +351,10 @@ domainId -> (string)
+environmentId -> (string)
+
+> The ID of the environment in which the subscription grant is deleted.
+> 
+> Constraints:
+> 
+>   * pattern: `^[a-zA-Z0-9_-]{1,36}$`
+> 
+
+
@@ -427 +458 @@ updatedBy -> (string)
-  * [AWS CLI 2.31.35 Command Reference](../../index.html) »
+  * [AWS CLI 2.31.37 Command Reference](../../index.html) »