AWS Security ChangesHomeSearch

AWS wellarchitected documentation change

Service: wellarchitected · 2025-11-19 · Documentation low

File: wellarchitected/2023-04-10/framework/sec_permissions_share_securely_third_party.md

Summary

Changed 'AWS CloudFormation' to 'CloudFormation' in cross-account role documentation

Security assessment

Terminology update without altering security guidance. The existing security recommendations about least-privilege and audit practices remain unchanged.

Diff

diff --git a/wellarchitected/2023-04-10/framework/sec_permissions_share_securely_third_party.md b/wellarchitected/2023-04-10/framework/sec_permissions_share_securely_third_party.md
index 23c2ad973..887a2b9f7 100644
--- a//wellarchitected/2023-04-10/framework/sec_permissions_share_securely_third_party.md
+++ b//wellarchitected/2023-04-10/framework/sec_permissions_share_securely_third_party.md
@@ -64 +64 @@ Deprecate the use of long-term credentials and use cross-account roles or IAM Ro
-The policy created for cross-account access in your accounts must follow the [least-privilege principle](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege). The third party must provide a role policy document or automated setup mechanism that uses an AWS CloudFormation template or an equivalent for you. This reduces the chance of errors associated with manual policy creation and offers an auditable trail. For more information on using a AWS CloudFormation template to create cross-account roles, see [Cross-Account Roles](https://aws.amazon.com/blogs/apn/tag/cross-account-roles/). 
+The policy created for cross-account access in your accounts must follow the [least-privilege principle](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege). The third party must provide a role policy document or automated setup mechanism that uses an AWS CloudFormation template or an equivalent for you. This reduces the chance of errors associated with manual policy creation and offers an auditable trail. For more information on using a CloudFormation template to create cross-account roles, see [Cross-Account Roles](https://aws.amazon.com/blogs/apn/tag/cross-account-roles/). 
@@ -66 +66 @@ The policy created for cross-account access in your accounts must follow the [le
-The third party should provide an automated, auditable setup mechanism. However, by using the role policy document outlining the access needed, you should automate the setup of the role. Using a AWS CloudFormation template or equivalent, you should monitor for changes with drift detection as part of the audit practice. 
+The third party should provide an automated, auditable setup mechanism. However, by using the role policy document outlining the access needed, you should automate the setup of the role. Using a CloudFormation template or equivalent, you should monitor for changes with drift detection as part of the audit practice.