AWS Security ChangesHomeSearch

AWS r53recovery documentation change

Service: r53recovery · 2026-05-10 · Documentation low

File: r53recovery/latest/dg/arc-routing-controls-block.md

Summary

Clarified IAM policy requirement by specifying it must be attached to the plan's execution role

Security assessment

The change specifies that IAM policies must be attached to the execution role rather than a generic principal. This improves security posture by enforcing least privilege but doesn't address a specific vulnerability.

Diff

diff --git a/r53recovery/latest/dg/arc-routing-controls-block.md b/r53recovery/latest/dg/arc-routing-controls-block.md
index d834db558..bbb96d970 100644
--- a//r53recovery/latest/dg/arc-routing-controls-block.md
+++ b//r53recovery/latest/dg/arc-routing-controls-block.md
@@ -23 +23 @@ To configure a routing control execution block, enter the following values.
-Before you configure the execution block, make sure that you have the correct IAM policy in place. For more information, see [ARC routing controls execution block sample policy](./security_iam_region_switch_arc_routing.html).
+Before you configure the execution block, make sure that the plan's execution role has the correct IAM policy in place. For more information, see [ARC routing controls execution block sample policy](./security_iam_region_switch_arc_routing.html).