Worked on the cert-manager/website repository to deliver a key documentation feature focused on security for DNS-based ACME flows. Updated the Route53 DNS01 ACME policy documentation to require that the ChangeResourceRecordSets IAM permission be restricted solely to TXT records, thereby reducing the permission surface area and aligning with least-privilege principles. This change improved both the clarity and auditability of the documentation, supporting better onboarding for developers and enhancing the overall security posture. The work demonstrated skills in Markdown documentation, IAM policy design, and a strong understanding of Route53 and ACME concepts, with careful attention to commit traceability and descriptive messaging.