AWS marketplace documentation change
Summary
Added S3 permission for uploading to ephemeral file upload bucket and updated AWSMarketplaceSellerFullAccess policy with new permissions
Security assessment
Documents new IAM permissions (s3:PutObject and aws-marketplace:ListInvoiceSubmissionTasks) which are security-relevant but shows no evidence of addressing a specific vulnerability
Diff
diff --git a/marketplace/latest/userguide/security-iam-awsmanpol.md b/marketplace/latest/userguide/security-iam-awsmanpol.md index 35e3080c8..30b660392 100644 --- a//marketplace/latest/userguide/security-iam-awsmanpol.md +++ b//marketplace/latest/userguide/security-iam-awsmanpol.md @@ -146,0 +147,2 @@ This policy includes the following permissions: + * `s3` – Allows principals to upload objects to the AWS Marketplace ephemeral file upload bucket scoped to the caller's account. + @@ -228,0 +231 @@ Change | Description | Date +AWSMarketplaceSellerFullAccess – Update to an existing policy | AWS Marketplace added a new `MarketplaceEphemeralWriteS3Access` statement with `s3:PutObject` permission for write access to the AWS Marketplace ephemeral file upload bucket, scoped to the caller's account. Added `aws-marketplace:ListInvoiceSubmissionTasks` to the `SellerSettings` statement. | April 29, 2026