AWS Security ChangesHomeSearch

AWS imagebuilder documentation change

Service: imagebuilder · 2026-02-28 · Documentation low

File: imagebuilder/latest/userguide/image-lifecycle-prerequisites.md

Summary

Added new IAM role creation options for lifecycle policies, including automated console-based role creation.

Security assessment

While the changes involve IAM role management (a security-related feature), there is no evidence of addressing a specific security vulnerability. The updates focus on usability improvements rather than security fixes.

Diff

diff --git a/imagebuilder/latest/userguide/image-lifecycle-prerequisites.md b/imagebuilder/latest/userguide/image-lifecycle-prerequisites.md
index ebc231f48..77a7ce063 100644
--- a//imagebuilder/latest/userguide/image-lifecycle-prerequisites.md
+++ b//imagebuilder/latest/userguide/image-lifecycle-prerequisites.md
@@ -11 +11,7 @@ Before you can define EC2 Image Builder lifecycle management policies and rules
-  * Create an IAM role that grants permission for Image Builder to run lifecycle policies. To create the role, see Create an IAM role for Image Builder lifecycle management.
+  * Create an IAM role that grants permission for Image Builder to run lifecycle policies. You can create this role in one of the following ways:
+
+    * Use the **Create lifecycle execution role using service defaults** option in the Image Builder console when creating a lifecycle policy. This automatically creates a role with the `EC2ImageBuilderLifecycleExecutionPolicy` managed policy attached.
+
+    * Use the **Create a new lifecycle execution role** option in the Image Builder console, which opens IAM with pre-filled settings for one-click role creation.
+
+    * Manually create the role in the IAM console. For step-by-step instructions, see Create an IAM role for Image Builder lifecycle management.