AWS connect documentation change
Summary
Expanded service-linked role permissions to include additional profile actions for campaign triggering
Security assessment
Adds documentation about required permissions for security features (campaign triggering) but doesn't address a specific vulnerability. Documents new security-related permissions: GetRecommender, GetCalculatedAttributeForProfile, and GetProfileRecommendations.
Diff
diff --git a/connect/latest/adminguide/customerprofiles-slr.md b/connect/latest/adminguide/customerprofiles-slr.md index f47b7a538..facec0ee4 100644 --- a//connect/latest/adminguide/customerprofiles-slr.md +++ b//connect/latest/adminguide/customerprofiles-slr.md @@ -34 +34,7 @@ The role permissions policy named [CustomerProfilesServiceLinkedRolePolicy](./se - * Action: Amazon Connect Customer Profiles `profile:BatchGetProfile` to retrieve profile information necessary for triggering an event. + * Action: Amazon Connect Customer Profiles `profile:BatchGetProfile` to retrieve profile information necessary for triggering a campaign. + + * Action: Amazon Connect Customer Profiles `profile:GetRecommender` to retrieve recommenders necessary for triggering a campaign. + + * Action: Amazon Connect Customer Profiles `profile:GetCalculatedAttributeForProfile` to retrieve calculated attributes necessary for triggering a campaign. + + * Action: Amazon Connect Customer Profiles `profile:GetProfileRecommendations` to retrieve profile recommendations necessary for triggering a campaign.