AWS ARG documentation change
Summary
Updated IAM documentation links by adding an extra slash in URLs
Security assessment
The changes only correct URL formatting (adding double slashes after domain) for existing IAM documentation references. No security-related content was added or modified beyond link syntax.
Diff
diff --git a/ARG/latest/userguide/security_best-practices.md b/ARG/latest/userguide/security_best-practices.md index 04e2a3fc6..8a0304322 100644 --- a//ARG/latest/userguide/security_best-practices.md +++ b//ARG/latest/userguide/security_best-practices.md @@ -9 +9 @@ The following best practices are general guidelines and don’t represent a comp - * **Use the principle of least privilege** to grant access to groups. Resource Groups supports resource-level permissions. Grant access to specific groups only as required for specific users. Avoid using asterisks in policy statements that assign permissions to all users or all groups. For more information about least privilege, see [Grant Least Privilege](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege) in the _IAM User Guide_. + * **Use the principle of least privilege** to grant access to groups. Resource Groups supports resource-level permissions. Grant access to specific groups only as required for specific users. Avoid using asterisks in policy statements that assign permissions to all users or all groups. For more information about least privilege, see [Grant Least Privilege](https://docs.aws.amazon.com//IAM/latest/UserGuide/best-practices.html#grant-least-privilege) in the _IAM User Guide_. @@ -15 +15 @@ Do not put private or sensitive information in tag keys or tag values. - * **Use authorization based on tagging** whenever appropriate. Resource Groups supports authorization based on tags. You can tag groups, then update policies that are attached to your IAM principals, such as users and roles, to set their level of access based on the tags that are applied to a group. For more information about how to use authorization based on tags, see [Controlling access to AWS resources using resource tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the _IAM User Guide_. + * **Use authorization based on tagging** whenever appropriate. Resource Groups supports authorization based on tags. You can tag groups, then update policies that are attached to your IAM principals, such as users and roles, to set their level of access based on the tags that are applied to a group. For more information about how to use authorization based on tags, see [Controlling access to AWS resources using resource tags](https://docs.aws.amazon.com//IAM/latest/UserGuide/access_tags.html) in the _IAM User Guide_. @@ -17 +17 @@ Do not put private or sensitive information in tag keys or tag values. -Many AWS services support authorization based on tags for their resources. Be aware that tag-based authorization might be configured for member resources in a group. If access to a group's resources is restricted by tags, unauthorized users or groups might not be able to perform actions or automations on those resources. For example, if an Amazon EC2 instance in one of your groups is tagged with a tag key of `Confidentiality` and a tag value of `High`, and you are not authorized to run commands on resources tagged `Confidentiality:High`, actions or automations that you perform on the EC2 instance will fail, even if actions are successful for other resources in the resource group. For more information about which services support tag-based authorization for their resources, see [AWS Services That Work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the _IAM User Guide_. +Many AWS services support authorization based on tags for their resources. Be aware that tag-based authorization might be configured for member resources in a group. If access to a group's resources is restricted by tags, unauthorized users or groups might not be able to perform actions or automations on those resources. For example, if an Amazon EC2 instance in one of your groups is tagged with a tag key of `Confidentiality` and a tag value of `High`, and you are not authorized to run commands on resources tagged `Confidentiality:High`, actions or automations that you perform on the EC2 instance will fail, even if actions are successful for other resources in the resource group. For more information about which services support tag-based authorization for their resources, see [AWS Services That Work with IAM](https://docs.aws.amazon.com//IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the _IAM User Guide_.