AWS payment-cryptography documentation change
Summary
Updated cross-account policy to support resource-based access control
Security assessment
Adds guidance on secure cross-account implementation via IAM policies, improving documentation without fixing a security issue.
Diff
diff --git a/payment-cryptography/latest/DataAPIReference/API_GenerateMac.md b/payment-cryptography/latest/DataAPIReference/API_GenerateMac.md index 02a48e0b1..585e61f49 100644 --- a//payment-cryptography/latest/DataAPIReference/API_GenerateMac.md +++ b//payment-cryptography/latest/DataAPIReference/API_GenerateMac.md @@ -19 +19 @@ For information about valid keys for this operation, see [Understanding key attr -**Cross-account use** : This operation can't be used across different AWS accounts. +**Cross-account use** : This operation supports cross-account use when the key has a resource-based policy that grants access. For more information, see [Resource-based policies](https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html).