AWS connect documentation change
Summary
Increased the maximum number of granular access control security profiles assignable to a user from two to seven and updated related constraints.
Security assessment
The change updates documentation about security features (access control permissions) but shows no evidence of fixing a vulnerability. It enhances administrative flexibility without referencing security incidents.
Diff
diff --git a/connect/latest/adminguide/hierarchy-based-access-control.md b/connect/latest/adminguide/hierarchy-based-access-control.md index ec1b16b80..fcd60f383 100644 --- a//connect/latest/adminguide/hierarchy-based-access-control.md +++ b//connect/latest/adminguide/hierarchy-based-access-control.md @@ -80 +80 @@ This option ensures that the user being given access can only manage users that -Granular access control is configured on a security profile. Users can be assigned a maximum of two security profiles that enforce granular access control. In this case, the permissions become less restrictive and act as a union of both permission sets. +Granular access control is configured on a security profile. Users can be assigned a maximum of seven security profiles that enforce granular access control. In this case, the permissions become less restrictive and act as a union of both permission sets. @@ -84 +84 @@ For example, if one security profile enforces hierarchy-based access control and -A user can have more than two security profiles, as long as those additional security profiles do not enforce granular access control. If multiple security profiles are present with overlapping resource permissions, the security profile without hierarchy-based access control is enforced over the one with hierarchy-based access control. +A user can have more than seven security profiles, as long as those additional security profiles do not enforce granular access control. If multiple security profiles are present with overlapping resource permissions, the security profile without hierarchy-based access control is enforced over the one with hierarchy-based access control.