AWS Security ChangesHomeSearch

AWS signin medium security documentation change

Service: signin · 2026-07-13 · Security-related medium

File: signin/latest/userguide/console-access-control.md

Summary

Added compatibility note about IAM Identity Center limitations with network-based policy restrictions

Security assessment

Documents a critical compatibility issue where network-based access policies block IAM Identity Center users. This directly addresses potential misconfigurations that could cause service denials (availability impact) and provides remediation guidance, qualifying as security documentation.

Diff

diff --git a/signin/latest/userguide/console-access-control.md b/signin/latest/userguide/console-access-control.md
index c60e31a36..d6e7d4974 100644
--- a//signin/latest/userguide/console-access-control.md
+++ b//signin/latest/userguide/console-access-control.md
@@ -47,2 +46,0 @@ AWS Sign-In resource-based policies and RCPs apply to the following authenticati
-  * **AWS IAM Identity Center** – Console sign-in using IAM Identity Center.
-
@@ -55,0 +54,4 @@ AWS Sign-In resource-based policies and RCPs apply to the following authenticati
+###### Note
+
+Console access through the IAM Identity Center portal is not currently compatible with AWS Sign-In policies that restrict access based on network condition keys. Enabling network-based restrictions will block console access for user in IAM Identity Center users.
+
@@ -534,0 +537,2 @@ If you see any of these errors and believe your access should be allowed, contac
+**IAM Identity Center portal users:** Console access through the IAM Identity Center portal is not currently compatible with AWS Sign-In policies that restrict access based on network condition keys. To restore access for user in IAM Identity Center users, remove or adjust the network-based condition keys in your policy, or direct those users to sign in through an alternative authentication method.
+