AWS IAM documentation change
Summary
Fixed typos and corrected ARN formats in condition keys documentation, including 'AssumeRoleWithWebIdentity', 'credentials', and example ARNs.
Security assessment
Changes are minor corrections that improve clarity but do not address any security vulnerabilities or add security-specific content. No evidence of security issues in the diff.
Diff
diff --git a/IAM/latest/UserGuide/reference_policies_condition-keys.md b/IAM/latest/UserGuide/reference_policies_condition-keys.md index 7002a46c7..3562d2a69 100644 --- a//IAM/latest/UserGuide/reference_policies_condition-keys.md +++ b//IAM/latest/UserGuide/reference_policies_condition-keys.md @@ -537 +537 @@ Use this key to compare the principal's issuing identity provider (IdP) with the -For more information on external IdPs and `AssumeRoleWithWebIDentity`, see [Common scenarios](./id_federation_common_scenarios.html). For more information, see [Role session principals](./reference_policies_elements_principal.html#principal-role-session). +For more information on external IdPs and `AssumeRoleWithWebIdentity`, see [Common scenarios](./id_federation_common_scenarios.html). For more information, see [Role session principals](./reference_policies_elements_principal.html#principal-role-session). @@ -779 +779 @@ This key should not be used alone in an `Allow` statement. Private IP addresses -The following example is a service control policy (SCP) that denies access to all resources unless the request arrives via a VPC Endpoint in the same VPC as the as the role credentals. In this example, `aws:Ec2InstanceSourcePrivateIPv4` limits the credential source to a particular instance based on the source IP. +The following example is a service control policy (SCP) that denies access to all resources unless the request arrives via a VPC Endpoint in the same VPC as the as the role credentials. In this example, `aws:Ec2InstanceSourcePrivateIPv4` limits the credential source to a particular instance based on the source IP. @@ -944 +944 @@ Use this key to compare the ARN of the instance from which the role’s session - * **Example value** – arn:aws::ec2:us-west-2:111111111111:instance/instance-id + * **Example value** – arn:aws:ec2:us-west-2:111111111111:instance/instance-id @@ -1125 +1125 @@ Use this key to identify the AWS Systems Manager managed instance ARN that IAM r - * **Example value** – arn:aws::ec2:us-west-2:111111111111:instance/instance-id + * **Example value** – arn:aws:ec2:us-west-2:111111111111:instance/instance-id