AWS Security ChangesHomeSearch

AWS glue high security documentation change

Service: glue · 2025-08-13 · Security-related high

File: glue/latest/webapi/API_JobRun.md

Summary

Added 'ExecutionRoleSessionPolicy' parameter documentation allowing inline session policies to restrict execution role permissions

Security assessment

Introduces dynamic permission restrictions for job execution roles, directly addressing least-privilege security practices. This helps prevent over-permissioned roles during job execution.

Diff

diff --git a/glue/latest/webapi/API_JobRun.md b/glue/latest/webapi/API_JobRun.md
index f95017f50..d643a5d27 100644
--- a//glue/latest/webapi/API_JobRun.md
+++ b//glue/latest/webapi/API_JobRun.md
@@ -95,0 +96,11 @@ Required: No
+**ExecutionRoleSessionPolicy**
+    
+
+This inline session policy to the StartJobRun API allows you to dynamically restrict the permissions of the specified execution role for the scope of the job, without requiring the creation of additional IAM roles.
+
+Type: String
+
+Length Constraints: Minimum length of 2. Maximum length of 2048.
+
+Required: No
+