AWS Security ChangesHomeSearch

AWS firehose documentation change

Service: firehose · 2026-06-25 · Documentation low

File: firehose/latest/dev/controlling-access.md

Summary

Added 's3tables:GetNamespace' and 's3tables:PutTableData' permissions to IAM policy example and updated KMS condition format.

Security assessment

Expands example IAM policy with new S3-related permissions and updates KMS condition to include region specificity. Enhances security documentation but doesn't address a vulnerability.

Diff

diff --git a/firehose/latest/dev/controlling-access.md b/firehose/latest/dev/controlling-access.md
index ce687c156..9d6514334 100644
--- a//firehose/latest/dev/controlling-access.md
+++ b//firehose/latest/dev/controlling-access.md
@@ -313,0 +314 @@ Create a policy and choose **JSON** in the policy editor. Add the following inli
+                    "s3tables:GetNamespace",
@@ -316,0 +318 @@ Create a policy and choose **JSON** in the policy editor. Add the following inli
+                    "s3tables:PutTableData",
@@ -389 +391 @@ Create a policy and choose **JSON** in the policy editor. Add the following inli
-                        "kms:ViaService": "s3.amazonaws.com"
+                        "kms:ViaService": "s3.region.amazonaws.com"