AWS prescriptive-guidance documentation change
Summary
Reformatted note about SCPs/permissions boundaries and added horizontal rule
Security assessment
Formatting change to existing security note. Clarifies permission guardrails but doesn't introduce new security concepts.
Diff
diff --git a/prescriptive-guidance/latest/least-privilege-cloudformation/limiting-and-requiring-stack-policies.md b/prescriptive-guidance/latest/least-privilege-cloudformation/limiting-and-requiring-stack-policies.md index 58c181e97..941c074f7 100644 --- a//prescriptive-guidance/latest/least-privilege-cloudformation/limiting-and-requiring-stack-policies.md +++ b//prescriptive-guidance/latest/least-privilege-cloudformation/limiting-and-requiring-stack-policies.md @@ -79,3 +79,2 @@ By including this policy statement in an SCP instead of a permissions boundary, -###### Note - -SCPs and permissions boundaries are permissions guardrails that define the maximum available permissions for IAM principals in an account or organization. These policies do not grant permissions to the IAM principals. If you want to standardize the requirement that all IAM principals in your account or organization assign stack policies, you need to use both permission guardrails and the identity-based policies. +Note: SCPs and permissions boundaries are permissions guardrails that define the maximum available permissions for IAM principals in an account or organization. These policies do not grant permissions to the IAM principals. If you want to standardize the requirement that all IAM principals in your account or organization assign stack policies, you need to use both permission guardrails and the identity-based policies. +---