AWS bedrock documentation change
Summary
Added an example IAM policy to deny project creation using the bedrock-mantle:CreateProject action
Security assessment
This change adds a new deny policy example for preventing project creation, which is security documentation for implementing access controls. It demonstrates how to restrict specific Bedrock actions but doesn't indicate any security vulnerability being addressed.
Diff
diff --git a/bedrock/latest/userguide/security-iam-projects.md b/bedrock/latest/userguide/security-iam-projects.md index 5363e00a4..c36020a38 100644 --- a//bedrock/latest/userguide/security-iam-projects.md +++ b//bedrock/latest/userguide/security-iam-projects.md @@ -16,0 +17,17 @@ The following examples show IAM policy documents that grant access to Bedrock Pr +### Deny project creation + +The following policy prevents a user from creating new projects: + + + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "DenyProjectCreation", + "Effect": "Deny", + "Action": "bedrock-mantle:CreateProject", + "Resource": "*" + } + ] + } +