AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2025-12-10 · Documentation low

File: prescriptive-guidance/latest/patterns/provision-least-privilege-iam-roles-by-deploying-a-role-vending-machine-solution.md

Summary

Updated 'AWS Security Hub actions' to 'AWS Security Hub CSPM actions' in troubleshooting section

Security assessment

Clarifies CSPM (Cloud Security Posture Management) feature usage. Enhances security documentation but doesn't address specific vulnerability.

Diff

diff --git a/prescriptive-guidance/latest/patterns/provision-least-privilege-iam-roles-by-deploying-a-role-vending-machine-solution.md b/prescriptive-guidance/latest/patterns/provision-least-privilege-iam-roles-by-deploying-a-role-vending-machine-solution.md
index fcef31a44..c863eb2a1 100644
--- a//prescriptive-guidance/latest/patterns/provision-least-privilege-iam-roles-by-deploying-a-role-vending-machine-solution.md
+++ b//prescriptive-guidance/latest/patterns/provision-least-privilege-iam-roles-by-deploying-a-role-vending-machine-solution.md
@@ -202 +202 @@ I created a role by using the RVM, but GitHub isn’t able to assume it.| Verify
-My read-only role is failing to run its pipeline because it lacks permissions to read a specific resource.| Although the `ReadOnlyAccess` policy provides broad read-only permissions, the policy doesn't have some read actions (for example, certain AWS Security Hub actions).You can add specific action permissions by using the `inline_policy_readonly` parameter of the `github-workflow-roles` module.  
+My read-only role is failing to run its pipeline because it lacks permissions to read a specific resource.| Although the `ReadOnlyAccess` policy provides broad read-only permissions, the policy doesn't have some read actions (for example, certain AWS Security Hub CSPM actions).You can add specific action permissions by using the `inline_policy_readonly` parameter of the `github-workflow-roles` module.