AWS repostprivate documentation change
Summary
Updated documentation links to IAM guides with corrected URL formatting (added double slashes)
Security assessment
Changes involve URL formatting corrections without altering security content. No evidence of addressing vulnerabilities or adding security features.
Diff
diff --git a/repostprivate/latest/caguide/security_iam_service-with-iam.md b/repostprivate/latest/caguide/security_iam_service-with-iam.md index 39cd7cff3..5b0199319 100644 --- a//repostprivate/latest/caguide/security_iam_service-with-iam.md +++ b//repostprivate/latest/caguide/security_iam_service-with-iam.md @@ -56 +56 @@ To view examples of re:Post Private identity-based policies, see [AWS re:Post Pr -Resource-based policies are JSON policy documents that you attach to a resource. Examples of resource-based policies are IAM role trust policies and Amazon S3 bucket policies. In services that support resource-based policies, service administrators can use them to control access to a specific resource. For the resource where the policy is attached, the policy defines what actions a specified principal can perform on that resource and under what conditions. You must [specify a principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) in a resource-based policy. Principals can include accounts, users, roles, federated users, or AWS services. Resource-based policies are inline policies that are located in that service. You can't use AWS managed policies from IAM in a resource-based policy. +Resource-based policies are JSON policy documents that you attach to a resource. Examples of resource-based policies are IAM role trust policies and Amazon S3 bucket policies. In services that support resource-based policies, service administrators can use them to control access to a specific resource. For the resource where the policy is attached, the policy defines what actions a specified principal can perform on that resource and under what conditions. You must [specify a principal](https://docs.aws.amazon.com//IAM/latest/UserGuide/reference_policies_elements_principal.html) in a resource-based policy. Principals can include accounts, users, roles, federated users, or AWS services. Resource-based policies are inline policies that are located in that service. You can't use AWS managed policies from IAM in a resource-based policy. @@ -62 +62 @@ re:Post Private doesn't support resource-based policies. -re:Post Private supports tagging resources or controlling access based on tags. For more information, see [Controlling access to AWS resources using tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html). +re:Post Private supports tagging resources or controlling access based on tags. For more information, see [Controlling access to AWS resources using tags](https://docs.aws.amazon.com//IAM/latest/UserGuide/access_tags.html). @@ -80 +80 @@ re:Post Private supports using temporary credentials. -This feature allows a service to assume a [service role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-role) for you. This role allows the service to access resources in other services to complete an action for you. For more information, see [Creating a role to delegate permissions to an AWS service](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-service.html). Service roles appear in your IAM account and are owned by the account. This means that an IAM administrator can change the permissions for this role. However, doing so might break the functionality of the service. +This feature allows a service to assume a [service role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-role) for you. This role allows the service to access resources in other services to complete an action for you. For more information, see [Creating a role to delegate permissions to an AWS service](https://docs.aws.amazon.com//IAM/latest/UserGuide/id_roles_create_for-service.html). Service roles appear in your IAM account and are owned by the account. This means that an IAM administrator can change the permissions for this role. However, doing so might break the functionality of the service.