AWS Security ChangesHomeSearch

AWS serverlessrepo documentation change

Service: serverlessrepo · 2026-04-19 · Documentation low

File: serverlessrepo/latest/devguide/doc-history.md

Summary

Added a documentation history entry for new IAM permission controls that block overly permissive policies in published applications.

Security assessment

This documents the addition of security controls in the Serverless Application Repository. It adds security documentation but doesn't indicate a specific security issue was addressed.

Diff

diff --git a/serverlessrepo/latest/devguide/doc-history.md b/serverlessrepo/latest/devguide/doc-history.md
index fc19b0b38..d54f12a11 100644
--- a//serverlessrepo/latest/devguide/doc-history.md
+++ b//serverlessrepo/latest/devguide/doc-history.md
@@ -19,0 +20 @@ Change| Description| Date
+IAM permission controls for published applications| AWS Serverless Application Repository now blocks publication of new applications that attach the `AWSLambda_FullAccess` managed policy to Lambda functions, or that grant `iam:AttachRolePolicy`, `iam:PutRolePolicy`, or `iam:*` on all resources in inline IAM policies. For more information, see [Using AWS SAM with the AWS Serverless Application Repository](https://docs.aws.amazon.com/serverlessrepo/latest/devguide/using-aws-sam.html) and [Application Capabilities](https://docs.aws.amazon.com/serverlessrepo/latest/devguide/acknowledging-application-capabilities.html).| April 15, 2026