AWS AmazonCloudWatch documentation change
Summary
Removed entire 'AI-assisted processor configuration permissions' section including the example IAM policy for logs:GeneratePermission
Security assessment
This change removes IAM policy documentation for the AI-assisted processor configuration feature. While IAM permissions are security-related, the removal doesn't indicate a security vulnerability - it appears to be cleaning up documentation for a deprecated feature. No security issue evidence is present in the diff.
Diff
diff --git a/AmazonCloudWatch/latest/monitoring/pipeline-iam-reference.md b/AmazonCloudWatch/latest/monitoring/pipeline-iam-reference.md index 1b2660fca..8c18b092d 100644 --- a//AmazonCloudWatch/latest/monitoring/pipeline-iam-reference.md +++ b//AmazonCloudWatch/latest/monitoring/pipeline-iam-reference.md @@ -5 +5 @@ -API caller permissionsPipeline condition keysAI-assisted processor configuration permissionsSource-specific IAM policiesTrust relationshipsResource policiesManaging resource policies +API caller permissionsPipeline condition keysSource-specific IAM policiesTrust relationshipsResource policiesManaging resource policies @@ -251,19 +250,0 @@ Restricts pipeline creation to specific log source types. -## AI-assisted processor configuration permissions - -To use AI-assisted processor configuration in the CloudWatch pipelines console, the IAM principal must have the `logs:GeneratePipeline` permission. This permission authorizes the generation of processor configurations from natural language descriptions. - -###### Example IAM policy for AI-assisted processor configuration - - - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "AllowGeneratePipeline", - "Effect": "Allow", - "Action": "logs:GeneratePipeline", - "Resource": "*" - } - ] - } -