
Alessandro Ogier updated the Route53 DNS01 ACME policy documentation in the cert-manager/website repository, focusing on enforcing a stricter IAM policy for DNS-based ACME flows. By revising the documentation to require that the ChangeResourceRecordSets permission be limited to TXT records, Alessandro reduced the IAM permission surface area and improved overall security. The work demonstrated a strong understanding of AWS IAM least-privilege principles, Route53, and ACME protocol requirements, and was delivered using Markdown with clear, auditable commit messaging. This update enhanced documentation clarity, supported better developer onboarding, and aligned the project’s security posture with industry best practices for cloud infrastructure.
February 2025: Key feature delivered in cert-manager/website: updated Route53 DNS01 ACME policy documentation to enforce a stricter IAM policy (ChangeResourceRecordSets restricted to TXT records), reducing permission surface area and improving security. No major bugs fixed this month. Overall impact: enhanced security posture, clearer documentation, and better auditability for DNS-based ACME flows. Technologies/skills demonstrated: documentation, IAM least-privilege policy design, Route53/ACME concepts, commit traceability.
