AWS emr documentation change
Summary
Updated IAM Identity Center documentation with Trusted Identity Propagation details and prerequisites
Security assessment
Enhances documentation about authentication/authorization security features but doesn't address specific vulnerabilities
Diff
diff --git a/emr/latest/ManagementGuide/emr-idc.md b/emr/latest/ManagementGuide/emr-idc.md index 269be47d2..d135efefd 100644 --- a//emr/latest/ManagementGuide/emr-idc.md +++ b//emr/latest/ManagementGuide/emr-idc.md @@ -26 +26 @@ With Amazon EMR releases 6.15.0 and higher, you can use identities from AWS IAM -_Trusted Identity Propagation_ through IAM Identity Center can help you securely create or connect your workforce identities, and centrally manage their access across AWS accounts and applications. With this capability, a user can sign in to the application that uses trusted identity propagation, and that application can pass the identity of the user in requests that it makes to access data in AWS services that also use trusted identity propagation. +[Identity Center](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) is the recommended approach for workforce authentication and authorization on AWS for organizations of any size and type. With Identity Center, you can create and manage user identities in AWS, or connect your existing identity source, including Microsoft Active Directory, Okta, Ping Identity, JumpCloud, Google Workspace, and Microsoft Entra ID (formerly Azure AD). @@ -28,3 +28 @@ _Trusted Identity Propagation_ through IAM Identity Center can help you securely -Identity Center is the recommended approach for workforce authentication and authorization on AWS for organizations of any size and type. With Identity Center, you can create and manage user identities in AWS, or connect your existing identity source, including Microsoft Active Directory, Okta, Ping Identity, JumpCloud, Google Workspace, and Microsoft Entra ID (formerly Azure AD). - -For more information, see [What is AWS IAM Identity Center?](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) and [Trusted Identity Propagation across applications](https://docs.aws.amazon.com/singlesignon/latest/userguide/trustedidentitypropagation.html) in the _AWS IAM Identity Center User Guide_. +[Trusted identity propagation](https://docs.aws.amazon.com/singlesignon/latest/userguide/trustedidentitypropagation-overview.html) is an AWS IAM Identity Center feature that administrators of connected AWS services can use to grant and audit access to service data. Access to this data is based on user attributes such as group associations. Setting up trusted identity propagation requires collaboration between the administrators of connected AWS services and the IAM Identity Center administrators. For more information, see [Prerequisites and considerations](https://docs.aws.amazon.com/singlesignon/latest/userguide/trustedidentitypropagation-overall-prerequisites.html).