AWS AmazonS3 documentation change
Summary
Added inventory-related API actions (e.g., PutBucketInventoryConfiguration) to the authentication and authorization table for S3 Express directory buckets and removed duplicate entries.
Security assessment
Documents IAM actions required for inventory operations on directory buckets, which is part of security configuration guidance, but no security vulnerability is addressed.
Diff
diff --git a/AmazonS3/latest/userguide/s3-express-authenticating-authorizing.md b/AmazonS3/latest/userguide/s3-express-authenticating-authorizing.md index a97d881f6..b7584ff32 100644 --- a//AmazonS3/latest/userguide/s3-express-authenticating-authorizing.md +++ b//AmazonS3/latest/userguide/s3-express-authenticating-authorizing.md @@ -35,0 +36,5 @@ API | Endpoint type | IAM action | Cross-account access +`DeleteBucketInventoryConfiguration` | Regional | `s3express:PutInventoryConfiguration` | No +`DeleteBucketPolicy` | Regional | `s3express:DeleteBucketPolicy` | No +`GetBucketInventoryConfiguration` | Regional | `s3express:GetInventoryConfiguration` | No +`GetBucketPolicy` | Regional | `s3express:GetBucketPolicy` | No +`ListBucketInventoryConfigurations` | Regional | `s3express:GetInventoryConfiguration` | No @@ -36,0 +42 @@ API | Endpoint type | IAM action | Cross-account access +`PutBucketInventoryConfiguration` | Regional | `s3express:PutInventoryConfiguration` | No @@ -38,2 +43,0 @@ API | Endpoint type | IAM action | Cross-account access -`GetBucketPolicy` | Regional | `s3express:GetBucketPolicy` | No -`DeleteBucketPolicy` | Regional | `s3express:DeleteBucketPolicy` | No