AWS cli documentation change
Summary
Added note about explicit denial of delete permissions causing 403 errors
Security assessment
Similar to delete-object.md change, this clarifies security policy behavior without addressing a specific vulnerability. Enhances documentation for secure policy configuration.
Diff
diff --git a/cli/latest/reference/s3api/delete-objects.md b/cli/latest/reference/s3api/delete-objects.md index 245de14ab..074813b8f 100644 --- a//cli/latest/reference/s3api/delete-objects.md +++ b//cli/latest/reference/s3api/delete-objects.md @@ -15 +15 @@ - * [AWS CLI 2.31.39 Command Reference](../../index.html) » + * [AWS CLI 2.32.3 Command Reference](../../index.html) » @@ -84,0 +85,5 @@ Permissions + +### Note + +If the `s3:DeleteObject` or `s3:DeleteObjectVersion` permissions are explicitly denied in your bucket policy, attempts to delete any unversioned objects result in a `403 Access Denied` error. + @@ -916 +921 @@ Errors -> (list) - * [AWS CLI 2.31.39 Command Reference](../../index.html) » + * [AWS CLI 2.32.3 Command Reference](../../index.html) »