AWS kms documentation change
Summary
Updated concept anchors from '#customer-cmk' to '#customer-mgn-key' and '#aws-managed-cmk' to '#aws-managed-key' in EMR encryption section
Security assessment
Link corrections without substantive changes to security guidance. The requirement to use customer-managed keys for EMR encryption remains unchanged. No security vulnerabilities addressed or new security features documented.
Diff
diff --git a/kms/latest/developerguide/services-emr.md b/kms/latest/developerguide/services-emr.md index 96183fab4..662c8d89e 100644 --- a//kms/latest/developerguide/services-emr.md +++ b//kms/latest/developerguide/services-emr.md @@ -131 +131 @@ An Amazon EMR cluster is a collection of Amazon Elastic Compute Cloud (Amazon EC -When you enable local disk encryption for a cluster, you can choose to encrypt the LUKS key with a KMS key in AWS KMS. You must choose a [customer managed key](./concepts.html#customer-cmk) that you create; you cannot use an [AWS managed key](./concepts.html#aws-managed-cmk). If you choose a customer managed key, you must ensure that your Amazon EMR cluster has permission to use the KMS key. For more information, see [Using AWS KMS keys for encryption](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-encryption-enable.html#emr-awskms-keys) in the _Amazon EMR Management Guide_. +When you enable local disk encryption for a cluster, you can choose to encrypt the LUKS key with a KMS key in AWS KMS. You must choose a [customer managed key](./concepts.html#customer-mgn-key) that you create; you cannot use an [AWS managed key](./concepts.html#aws-managed-key). If you choose a customer managed key, you must ensure that your Amazon EMR cluster has permission to use the KMS key. For more information, see [Using AWS KMS keys for encryption](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-encryption-enable.html#emr-awskms-keys) in the _Amazon EMR Management Guide_.