AWS Security ChangesHomeSearch

AWS emr documentation change

Service: emr · 2025-08-10 · Documentation medium

File: emr/latest/EMR-Serverless-UserGuide/data-protection.md

Summary

Updated S3 encryption documentation to state that encryption is now enabled by default for all S3 buckets

Security assessment

Clarifies security best practices (default encryption at rest) but does not address a specific vulnerability. Highlights existing security controls rather than patching an issue.

Diff

diff --git a/emr/latest/EMR-Serverless-UserGuide/data-protection.md b/emr/latest/EMR-Serverless-UserGuide/data-protection.md
index 3183dcd00..d0ed1b092 100644
--- a//emr/latest/EMR-Serverless-UserGuide/data-protection.md
+++ b//emr/latest/EMR-Serverless-UserGuide/data-protection.md
@@ -50 +50 @@ When you use AWS KMS, charges apply for the storage and use of encryption keys.
-When you set up Amazon S3 server-side encryption, Amazon S3 encrypts data at the object level as it writes the data to disk and decrypts the data when it is accessed. For more information about SSE, see [Protecting data using server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) in the Amazon Simple Storage Service Developer Guide.
+All Amazon S3 buckets have encryption configured by default, and all new objects that are uploaded to an S3 bucket are automatically encrypted at rest, Amazon S3 encrypts data at the object level as it writes the data to disk and decrypts the data when it is accessed. For more information about SSE, see [Protecting data using server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) in the Amazon Simple Storage Service Developer Guide.