AWS firehose documentation change
Summary
Added 's3tables:GetNamespace' and 's3tables:PutTableData' permissions to IAM policy example and updated KMS condition format.
Security assessment
Expands example IAM policy with new S3-related permissions and updates KMS condition to include region specificity. Enhances security documentation but doesn't address a vulnerability.
Diff
diff --git a/firehose/latest/dev/controlling-access.md b/firehose/latest/dev/controlling-access.md index ce687c156..9d6514334 100644 --- a//firehose/latest/dev/controlling-access.md +++ b//firehose/latest/dev/controlling-access.md @@ -313,0 +314 @@ Create a policy and choose **JSON** in the policy editor. Add the following inli + "s3tables:GetNamespace", @@ -316,0 +318 @@ Create a policy and choose **JSON** in the policy editor. Add the following inli + "s3tables:PutTableData", @@ -389 +391 @@ Create a policy and choose **JSON** in the policy editor. Add the following inli - "kms:ViaService": "s3.amazonaws.com" + "kms:ViaService": "s3.region.amazonaws.com"