AWS lambda documentation change
Summary
Updated AWS managed policy documentation to include 'ec2:DescribeVpcEncryptionControls' permission and added policy change history entry.
Security assessment
The change explicitly documents a new IAM permission for examining VPC encryption controls, enhancing security documentation. There is no indication of a security vulnerability being fixed; it appears to be a routine policy update.
Diff
diff --git a/lambda/latest/dg/security-iam-awsmanpol.md b/lambda/latest/dg/security-iam-awsmanpol.md index 99e8d1ac6..af602ddbe 100644 --- a//lambda/latest/dg/security-iam-awsmanpol.md +++ b//lambda/latest/dg/security-iam-awsmanpol.md @@ -238,0 +239,2 @@ This policy includes the following permissions: + * `ec2:DescribeVpcEncryptionControls` – Allows Lambda to examine VPC encryption control settings for instance configuration. + @@ -270,0 +273 @@ Change | Description | Date +[AWSLambdaManagedEC2ResourceOperator](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSLambdaManagedEC2ResourceOperator.html) – Change | Lambda updated the `AWSLambdaManagedEC2ResourceOperator` policy to allow the `ec2:DescribeVpcEncryptionControls` action. This permission enables Lambda to examine VPC encryption control settings for instance configuration. | April 23, 2026