AWS connect documentation change
Summary
Minor grammatical improvements in IAM policy condition explanation and service-linked role requirements
Security assessment
Rephrasing ('in order to' → 'to') doesn't change security meaning. Maintains existing documentation about IAM policies and service roles without introducing new security content.
Diff
diff --git a/connect/latest/adminguide/hierarchy-based-access-control.md b/connect/latest/adminguide/hierarchy-based-access-control.md index e2527ceef..530335aa1 100644 --- a//connect/latest/adminguide/hierarchy-based-access-control.md +++ b//connect/latest/adminguide/hierarchy-based-access-control.md @@ -42 +42 @@ After you apply hierarchy-based access control to users, they can access their h -To use hierarchies to control access to resources within your AWS accounts, you need to provide the hierarchy's information in the condition element of an IAM policy. For example, to control access to a user belonging to a specific hierarchy, use the `connect:HierarchyGroupL3Id/hierarchyGroupId` condition key, along with a specific operator like `StringEquals` to specify which hierarchy group the user must belong to, in order to allow given actions for it. +To use hierarchies to control access to resources within your AWS accounts, you need to provide the hierarchy's information in the condition element of an IAM policy. For example, to control access to a user belonging to a specific hierarchy, use the `connect:HierarchyGroupL3Id/hierarchyGroupId` condition key, along with a specific operator like `StringEquals` to specify which hierarchy group the user must belong to, to allow given actions for it. @@ -86 +86 @@ A user can have more than two security profiles, as long as those additional sec -Service linked roles are required in order to configure hierarchy-based access control. If your instance was created after October 2018, this is available by default with your Connect Customer instance. However, if you have an older instance, refer to [Use service-linked roles for Connect Customer](./connect-slr.html) for instructions for how to enable service linked roles. +Service linked roles are required to configure hierarchy-based access control. If your instance was created after October 2018, this is available by default with your Connect Customer instance. However, if you have an older instance, refer to [Use service-linked roles for Connect Customer](./connect-slr.html) for instructions for how to enable service linked roles.