added changes based on review

Author: Alex Melnyk

docs/content/index.mdx

@@ -51,7 +51,7 @@ This will add a nested app stack with an output parameter `LayerVersionArn`, tha
     - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn
 ```
 
-Here is the list of IAM permissions that you need to add to your deployment IAM role to use the layer, keep in mind to replace the placeholders:
+Here is the list of IAM permissions that you need to add to your deployment IAM role to use the layer:
 
 ```yaml
 Version: '2012-10-17'
@@ -67,23 +67,29 @@ Statement:
       - serverlessrepo:CreateCloudFormationTemplate
       - serverlessrepo:GetCloudFormationTemplate
     Resource:
+      # this is arn of the powertools SAR app
       - arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer
   - Sid: S3AccessLayer
     Effect: Allow
     Action:
       - s3:GetObject
     Resource:
+      # AWS publishes to an external S3 bucket locked down to your account ID
+      # The below example is us publishing lambda powertools
+      # Bucket: awsserverlessrepo-changesets-plntc6bfnfj
+      # Key: *****/arn:aws:serverlessrepo:eu-west-1:057560766410:applications-aws-lambda-powertools-python-layer-versions-1.6.0/aeeccf50-****-****-****-*********
       - arn:aws:s3:::awsserverlessrepo-changesets-*/*
   - Sid: GetLayerVersion
     Effect: Allow
     Action:
       - lambda:PublishLayerVersion
       - lambda:GetLayerVersion
     Resource:
-      - arn:aws:lambda:YOUR_AWS_REGION:YOUR_AWS_ACCOUNT:layer:aws-lambda-powertools-python-layer*
-
+      - !Sub arn:aws:lambda:${AWS::Region}:${AWS::AccoundId}:layer:aws-lambda-powertools-python-layer*
 ```
 
+> Credits to [mwarkentin](https://github.com/mwarkentin) for providing the scoped down IAM permissions.
+
 The region and the account id for `CloudFormationTransform` and `GetCfnTemplat` are fixed.
 
 You can fetch the available versions via the API with: