AWS prescriptive-guidance documentation change
Summary
Removed hyperlink to glossary definition for 'tags' in ABAC explanation
Security assessment
Link removal doesn't alter security guidance about attribute-based access control. Core security concept remains unchanged.
Diff
diff --git a/prescriptive-guidance/latest/security-controls-by-caf-capability/identity-and-access-controls.md b/prescriptive-guidance/latest/security-controls-by-caf-capability/identity-and-access-controls.md index fa5a2059a..14eafceb5 100644 --- a//prescriptive-guidance/latest/security-controls-by-caf-capability/identity-and-access-controls.md +++ b//prescriptive-guidance/latest/security-controls-by-caf-capability/identity-and-access-controls.md @@ -104 +104 @@ _Least privilege_ is the practice of grant only the permissions required to perf -_Attribute-based access control (ABAC)_ is an authorization strategy that defines permissions based on attributes, such as their [tags](./apg-gloss.html#glossary-tags). You can use group, identity, and resource attributes to dynamically define permissions at scale, rather than defining permissions for individual users. For example, you can use ABAC to allow a group of developers to access only resources that have a specific tag associated with their project. +_Attribute-based access control (ABAC)_ is an authorization strategy that defines permissions based on attributes, such as their tags. You can use group, identity, and resource attributes to dynamically define permissions at scale, rather than defining permissions for individual users. For example, you can use ABAC to allow a group of developers to access only resources that have a specific tag associated with their project.