AWS Security ChangesHomeSearch

AWS emr medium security documentation change

Service: emr · 2025-05-10 · Security-related medium

File: emr/latest/EMR-Serverless-UserGuide/vpc-access.md

Summary

Added reference to logging requirements when using S3 VPC endpoints with access policies

Security assessment

Ensures VPC configurations maintain secure log storage capabilities. Missing these permissions could disrupt security monitoring via logs and create operational risks.

Diff

diff --git a/emr/latest/EMR-Serverless-UserGuide/vpc-access.md b/emr/latest/EMR-Serverless-UserGuide/vpc-access.md
index 28dcb854f..2c634c8e4 100644
--- a//emr/latest/EMR-Serverless-UserGuide/vpc-access.md
+++ b//emr/latest/EMR-Serverless-UserGuide/vpc-access.md
@@ -34,0 +35,2 @@ For private subnets:
+  * If you configure an S3 VPC endpoint and you attach an endpoint policy to control access, you must follow the instructions in [Logging for EMR Serverless with managed storage](logging.html#jobs-log-storage-managed-storage) to provide permissions for EMR Serverless to store and serve application logs.
+