AWS lambda documentation change
Summary
Added 'ec2:DescribeVpcEncryptionControls' permission to the operator role's IAM policy for Lambda managed instances.
Security assessment
The change adds a new IAM permission that allows Lambda to examine VPC encryption control settings, which is related to security configuration monitoring but does not indicate a specific security vulnerability being fixed. It enhances security documentation by specifying required permissions for encryption controls.
Diff
diff --git a/lambda/latest/dg/lambda-managed-instances-operator-role.md b/lambda/latest/dg/lambda-managed-instances-operator-role.md index 92c88d7e2..6cd7100db 100644 --- a//lambda/latest/dg/lambda-managed-instances-operator-role.md +++ b//lambda/latest/dg/lambda-managed-instances-operator-role.md @@ -62 +62,2 @@ The operator role needs permissions to manage capacity providers and the underly - "ec2:DescribeSubnets" + "ec2:DescribeSubnets", + "ec2:DescribeVpcEncryptionControls"