AWS IAM documentation change
Summary
Fixed typo in possessive pronoun ('it’s' to 'its')
Security assessment
Grammatical correction with no security implications. Doesn't alter security context of service-linked role permissions.
Diff
diff --git a/IAM/latest/UserGuide/id_roles_create-service-linked-role.md b/IAM/latest/UserGuide/id_roles_create-service-linked-role.md index 8dc2ed700..03cd17c5f 100644 --- a//IAM/latest/UserGuide/id_roles_create-service-linked-role.md +++ b//IAM/latest/UserGuide/id_roles_create-service-linked-role.md @@ -137 +137 @@ The permissions granted by a service-linked role can be indirectly transferred t -For example, when you create an Amazon RDS DB instance, [a service-linked role for RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAM.ServiceLinkedRoles.html) is automatically created if one does not already exist. This service-linked role allows RDS to call Amazon EC2, Amazon SNS, Amazon CloudWatch Logs, and Amazon Kinesis on your behalf. If you allow users and roles in your account to modify or create RDS databases, then they may be able to indirectly interact with Amazon EC2, Amazon SNS, Amazon CloudWatch Logs logs, and Amazon Kinesis resources by calling RDS, as RDS would use it’s service-linked role to access those resources. +For example, when you create an Amazon RDS DB instance, [a service-linked role for RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAM.ServiceLinkedRoles.html) is automatically created if one does not already exist. This service-linked role allows RDS to call Amazon EC2, Amazon SNS, Amazon CloudWatch Logs, and Amazon Kinesis on your behalf. If you allow users and roles in your account to modify or create RDS databases, then they may be able to indirectly interact with Amazon EC2, Amazon SNS, Amazon CloudWatch Logs logs, and Amazon Kinesis resources by calling RDS, as RDS would use its service-linked role to access those resources.