AWS Security ChangesHomeSearch

AWS claude-platform documentation change

Service: claude-platform · 2026-05-31 · Documentation low

File: claude-platform/latest/userguide/iam-policies.md

Summary

Added AnthropicSelfHostedEnvironmentAccess managed policy documentation for self-hosted workers

Security assessment

Documents a new IAM policy with least-privilege permissions for secure access patterns. This is security documentation but doesn't address a specific vulnerability.

Diff

diff --git a/claude-platform/latest/userguide/iam-policies.md b/claude-platform/latest/userguide/iam-policies.md
index b84799de7..809cc1fd8 100644
--- a//claude-platform/latest/userguide/iam-policies.md
+++ b//claude-platform/latest/userguide/iam-policies.md
@@ -166,0 +167,2 @@ AWS provides managed policies for common access patterns:
+  * **`AnthropicSelfHostedEnvironmentAccess`:** Grants the permissions a self-hosted sandbox worker needs to poll and process environment work items, read the associated environment, session, and skill resources, and update session state. Attach this policy to the IAM role that your self-hosted environment worker assumes. `AnthropicSelfHostedEnvironmentAccess` is the recommended single-role default; if you run the work poller and the per-session sandbox under separate IAM principals, you can split these permissions across two narrower custom policies for least-privilege.
+