AWS emr documentation change
Summary
Added EC2 launch template and placement group permissions to service-linked role policy
Security assessment
The changes expand the service-linked role's permissions for resource cleanup operations but contain no security-related context or vulnerability references. These appear to be routine operational permission updates.
Diff
diff --git a/emr/latest/ManagementGuide/using-service-linked-roles-cleanup.md b/emr/latest/ManagementGuide/using-service-linked-roles-cleanup.md index 96fd15a9b..3c1ad3a0a 100644 --- a//emr/latest/ManagementGuide/using-service-linked-roles-cleanup.md +++ b//emr/latest/ManagementGuide/using-service-linked-roles-cleanup.md @@ -31,0 +32,4 @@ The AWSServiceRoleForEMRCleanup service-linked role permissions policy allows Am + * Action: `DescribeLaunchTemplates` on `ec2` + + * Action: `DeleteLaunchTemplate` on `ec2` + @@ -51,0 +56,4 @@ The AWSServiceRoleForEMRCleanup service-linked role permissions policy allows Am + * Action: `DescribePlacementGroups` on `ec2` + + * Action: `DeletePlacementGroup` on `ec2` +