From 98797940df4acc6c8aaf0434da22f6fee0dc255e Mon Sep 17 00:00:00 2001
From: adanalvarez <adan.alvarez.90@gmail.com>
Date: Sat, 3 Feb 2024 23:57:20 +0100
Subject: [PATCH] add code tags to CloudTrail parameters

---
 .../AWS/aws.persistence.iam-create-backdoor-role.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/attack-techniques/AWS/aws.persistence.iam-create-backdoor-role.md b/docs/attack-techniques/AWS/aws.persistence.iam-create-backdoor-role.md
index 606850456..ce60d8aca 100755
--- a/docs/attack-techniques/AWS/aws.persistence.iam-create-backdoor-role.md
+++ b/docs/attack-techniques/AWS/aws.persistence.iam-create-backdoor-role.md
@@ -67,7 +67,7 @@ which generates a finding when a role can be assumed from a new AWS account or p
 
 - Identify a call to <code>CreateRole</code> closely followed by <code>AttachRolePolicy</code> with an administrator policy.
 
-- Identify a call to <code>CreateRole</code> that contains an assumeRolePolicyDocument in the requestParameters that allows access from an external AWS account. Sample event:
+- Identify a call to <code>CreateRole</code> that contains an <code>assumeRolePolicyDocument</code> in the <code>requestParameters</code> that allows access from an external AWS account. Sample event:
 
 ```
 {