AWS amazonq documentation change
Summary
Updated URL formatting for confused deputy problem documentation link
Security assessment
While the content discusses security best practices (preventing unauthorized access via trust policies), the change only fixes a URL structure without altering security guidance.
Diff
diff --git a/amazonq/latest/qbusiness-ug/cde-iam-roles.md b/amazonq/latest/qbusiness-ug/cde-iam-roles.md index 3fe7b5e30..4714db55d 100644 --- a//amazonq/latest/qbusiness-ug/cde-iam-roles.md +++ b//amazonq/latest/qbusiness-ug/cde-iam-roles.md @@ -235 +235 @@ JSON -We recommend that you include `aws:sourceAccount` and `aws:sourceArn` in the trust policy. Their inclusion limits permissions and securely checks if `aws:sourceAccount` and `aws:sourceArn` are the same values as provided in the IAM role policy for the `sts:AssumeRole` action. This approach prevents unauthorized entities from accessing your IAM roles and their permissions. For more information, see [confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the _IAM User Guide_. +We recommend that you include `aws:sourceAccount` and `aws:sourceArn` in the trust policy. Their inclusion limits permissions and securely checks if `aws:sourceAccount` and `aws:sourceArn` are the same values as provided in the IAM role policy for the `sts:AssumeRole` action. This approach prevents unauthorized entities from accessing your IAM roles and their permissions. For more information, see [confused deputy problem](https://docs.aws.amazon.com//IAM/latest/UserGuide/confused-deputy.html) in the _IAM User Guide_.