AWS cli documentation change
Summary
Added note about explicit denial of delete permissions causing 403 errors
Security assessment
The change clarifies security policy enforcement behavior but does not address a specific vulnerability. It improves documentation about permission impacts, which helps users configure secure policies.
Diff
diff --git a/cli/latest/reference/s3api/delete-object.md b/cli/latest/reference/s3api/delete-object.md index 6ef176803..16065da61 100644 --- a//cli/latest/reference/s3api/delete-object.md +++ b//cli/latest/reference/s3api/delete-object.md @@ -15 +15 @@ - * [AWS CLI 2.31.39 Command Reference](../../index.html) » + * [AWS CLI 2.32.3 Command Reference](../../index.html) » @@ -94,0 +95,5 @@ Permissions + +### Note + +If the `s3:DeleteObject` or `s3:DeleteObjectVersion` permissions are explicitly denied in your bucket policy, attempts to delete any unversioned objects result in a `403 Access Denied` error. + @@ -416 +421 @@ RequestCharged -> (string) - * [AWS CLI 2.31.39 Command Reference](../../index.html) » + * [AWS CLI 2.32.3 Command Reference](../../index.html) »