AWS payment-cryptography documentation change
Summary
Added documentation for tag-based access control in IAM policies
Security assessment
Explains how to use resource tags for fine-grained access control, which is a security feature. However, there is no evidence this addresses an existing security issue.
Diff
diff --git a/payment-cryptography/latest/userguide/security_iam_service-with-iam.md b/payment-cryptography/latest/userguide/security_iam_service-with-iam.md index c767baf26..eecd649ba 100644 --- a//payment-cryptography/latest/userguide/security_iam_service-with-iam.md +++ b//payment-cryptography/latest/userguide/security_iam_service-with-iam.md @@ -89,0 +90,2 @@ To view examples of AWS Payment Cryptography identity-based policies, see [AWS P +You can attach tags to AWS Payment Cryptography resources or pass tags in a request to AWS Payment Cryptography. To control access based on tags, you provide tag information in the [condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) of a policy using the `payment-cryptography:ResourceTag/`key-name``, `aws:RequestTag/`key-name``, or `aws:TagKeys` condition keys. +