AWS AmazonS3 documentation change
Summary
Expanded documentation for bucket tags to include attribute-based access control (ABAC) use cases.
Security assessment
The update explicitly mentions using tags for attribute-based access control (ABAC), which is a security feature. This adds documentation about security-related functionality but does not address a specific security vulnerability.
Diff
diff --git a/AmazonS3/latest/userguide/view-bucket-properties.md b/AmazonS3/latest/userguide/view-bucket-properties.md index db43c0054..64a56ffa1 100644 --- a//AmazonS3/latest/userguide/view-bucket-properties.md +++ b//AmazonS3/latest/userguide/view-bucket-properties.md @@ -11 +11 @@ You can view properties for any Amazon S3 bucket you own. These settings include - * **Tags** – With AWS cost allocation, you can use bucket tags to annotate billing for your use of a general purpose bucket. A tag is a key-value pair that represents a label that you assign to a bucket. For more information, see [Using cost allocation S3 bucket tags](./CostAllocTagging.html). + * **Tags** – An AWS tag is a key-value pair that holds metadata. You attach the tags to your Amazon S3 resources, such as buckets. You can tag resources when you create them or manage tags on existing resources. You can use tags for cost allocation to track storage costs by bucket tag in AWS Billing and Cost Management. You can also use tags for attribute-based access control (ABAC), to scale access permissions and grant access to S3 resources based on their tags. For more information, see [Using tags with S3 general purpose buckets](./buckets-tagging.html).