AWS Security ChangesHomeSearch

AWS partner-central documentation change

Service: partner-central · 2026-03-25 · Documentation medium

File: partner-central/latest/getting-started/managed-policies.md

Summary

Added documentation for three new AWS managed policies for AWS ProServe Tools: AWSPartnerProServeToolsFullAccess, AWSPartnerProServeToolsOrganizationReaderIndividualContributor, and AWSPartnerProServeToolsIndividualContributor

Security assessment

This change adds documentation for new IAM managed policies, which are security features. However, there is no evidence this addresses a specific security vulnerability or incident. The policies appear to be new features for AWS Partner Central ProServe Tools access control.

Diff

diff --git a/partner-central/latest/getting-started/managed-policies.md b/partner-central/latest/getting-started/managed-policies.md
index 75c19ad1a..caf14d71b 100644
--- a//partner-central/latest/getting-started/managed-policies.md
+++ b//partner-central/latest/getting-started/managed-policies.md
@@ -5 +5 @@
-AWSPartnerCentralFullAccessPartnerCentralAccountManagementUserRoleAssociationAWSPartnerCentralOpportunityManagementAWSPartnerCentralSandboxFullAccessAWSPartnerCentralSellingResourceSnapshotJobExecutionRolePolicyAWSPartnerCentralChannelManagementAWSPartnerCentralChannelHandshakeApprovalManagementAWSPartnerCentralMarketingManagementPartnerCentralIncentiveBenefitManagementPolicy updates
+AWSPartnerCentralFullAccessPartnerCentralAccountManagementUserRoleAssociationAWSPartnerCentralOpportunityManagementAWSPartnerCentralSandboxFullAccessAWSPartnerCentralSellingResourceSnapshotJobExecutionRolePolicyAWSPartnerCentralChannelManagementAWSPartnerCentralChannelHandshakeApprovalManagementAWSPartnerCentralMarketingManagementPartnerCentralIncentiveBenefitManagementAWSPartnerProServeToolsFullAccessAWSPartnerProServeToolsOrganizationReaderIndividualContributorAWSPartnerProServeToolsIndividualContributorPolicy updates
@@ -34,0 +35,6 @@ The AWS managed policies described in this section manage AWS Partner Central us
+  * AWS managed policy: AWSPartnerProServeToolsFullAccess
+
+  * AWS managed policy: AWSPartnerProServeToolsOrganizationReaderIndividualContributor
+
+  * AWS managed policy: AWSPartnerProServeToolsIndividualContributor
+
@@ -122,0 +129,57 @@ To view the permissions for this policy, see [PartnerCentralIncentiveBenefitMana
+## AWS managed policy: `AWSPartnerProServeToolsFullAccess`
+
+You can attach the `AWSPartnerProServeToolsFullAccess` policy to your IAM identities.
+
+This policy grants full access to AWS ProServe Tools (A2T and MPA) via AWS Partner Central Single Sign-On. It includes all assessment roles — individual contributor, organization reader, organization contributor, and organization admin — enabling complete access to create, read, update, and share assessments across the organization, as well as manage organization-level settings.
+
+**Roles granted:**
+
+  * AssessmentIndividualContributor
+
+  * AssessmentOrganizationReader
+
+  * AssessmentOrganizationContributor
+
+  * OrganizationAdmin
+
+
+
+
+To view the permissions for this policy, see [AWSPartnerProServeToolsFullAccess](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSPartnerProServeToolsFullAccess.html) in the _AWS Managed Policy Reference_.
+
+## AWS managed policy: `AWSPartnerProServeToolsOrganizationReaderIndividualContributor`
+
+You can attach the `AWSPartnerProServeToolsOrganizationReaderIndividualContributor` policy to your IAM identities.
+
+This policy grants read access to all organizational assessments in A2T, combined with the ability to create and manage the user's own assessments in both A2T and MPA. It is intended for users who need visibility into team assessments while retaining the ability to manage their own work.
+
+###### Note
+
+MPA does not support read-only mode. Users assigned this policy will retain read/write access to their own MPA assessments.
+
+**Roles granted:**
+
+  * AssessmentIndividualContributor
+
+  * AssessmentOrganizationReader
+
+
+
+
+To view the permissions for this policy, see [AWSPartnerProServeToolsOrganizationReaderIndividualContributor](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSPartnerProServeToolsOrganizationReaderIndividualContributor.html) in the _AWS Managed Policy Reference_.
+
+## AWS managed policy: `AWSPartnerProServeToolsIndividualContributor`
+
+You can attach the `AWSPartnerProServeToolsIndividualContributor` policy to your IAM identities.
+
+This policy grants the minimum permissions required to access AWS ProServe Tools via AWS Partner Central Single Sign-On. Users can create, read, update, and share their own assessments in both A2T and MPA. Access is scoped to assessments created by the user's own IAM identity (role or user ARN).
+
+**Roles granted:**
+
+  * AssessmentIndividualContributor
+
+
+
+
+To view the permissions for this policy, see [AWSPartnerProServeToolsIndividualContributor](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSPartnerProServeToolsIndividualContributor.html) in the _AWS Managed Policy Reference_.
+
@@ -128,0 +192,3 @@ Change | Description | Date
+AWSPartnerProServeToolsFullAccess — New policy | AWS Partner Central added a new policy to grant full access to AWS ProServe Tools (A2T and MPA) via AWS Partner Central Single Sign-On with all assessment roles. | March 23, 2026  
+AWSPartnerProServeToolsOrganizationReaderIndividualContributor — New policy | AWS Partner Central added a new policy to grant read access to organizational assessments in A2T and manage own assessments in both A2T and MPA. | March 23, 2026  
+AWSPartnerProServeToolsIndividualContributor — New policy | AWS Partner Central added a new policy to grant minimum permissions to access AWS ProServe Tools and manage own assessments. | March 23, 2026