AWS controltower documentation change
Summary
Updated URL formatting and modified section heading from 'Administrative tips' to 'Key Changes'
Security assessment
URL formatting changes and heading renaming do not introduce new security content. Existing security recommendation about restricting AWSControlTowerAdmin role access remains unchanged in substance.
Diff
diff --git a/controltower/latest/userguide/roles-recommendations.md b/controltower/latest/userguide/roles-recommendations.md index bf6a7347a..01c13f257 100644 --- a//controltower/latest/userguide/roles-recommendations.md +++ b//controltower/latest/userguide/roles-recommendations.md @@ -17 +17 @@ When you're setting up the shared audit account in your landing zone, we recomme -You can impose conditions in your role trust policies, to restrict the accounts and resources that interact with certain roles in AWS Control Tower. We strongly recommend that you restrict access to the `AWSControlTowerAdmin` role, because it allows wide access permissions. for more information, see [Optional conditions for your role trust relationships](https://docs.aws.amazon.com/controltower/latest/userguide/conditions-for-role-trust.html). +You can impose conditions in your role trust policies, to restrict the accounts and resources that interact with certain roles in AWS Control Tower. We strongly recommend that you restrict access to the `AWSControlTowerAdmin` role, because it allows wide access permissions. for more information, see [Optional conditions for your role trust relationships](https://docs.aws.amazon.com//controltower/latest/userguide/conditions-for-role-trust.html). @@ -25 +25 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Administrative tips for landing zone setup +Key Changes