AWS emr documentation change
Summary
Restructured IAM policy resources/actions as arrays in fine-grained access control documentation
Security assessment
Syntax improvements to existing security documentation without changing policy semantics or addressing vulnerabilities.
Diff
diff --git a/emr/latest/EMR-on-EKS-DevelopmentGuide/security_iam_fgac-lf-enable.md b/emr/latest/EMR-on-EKS-DevelopmentGuide/security_iam_fgac-lf-enable.md index 0eb4adfae..2febebdcc 100644 --- a//emr/latest/EMR-on-EKS-DevelopmentGuide/security_iam_fgac-lf-enable.md +++ b//emr/latest/EMR-on-EKS-DevelopmentGuide/security_iam_fgac-lf-enable.md @@ -123 +123,3 @@ JSON - "Resource": "arn:aws:iam::111122223333:role/JobExecutionRole", + "Resource": [ + "arn:aws:iam::111122223333:role/JobExecutionRole" + ], @@ -136 +138,3 @@ JSON - "Resource": "arn:aws:iam::111122223333:role/JobExecutionRole" + "Resource": [ + "arn:aws:iam::111122223333:role/JobExecutionRole" + ] @@ -141,2 +145,6 @@ JSON - "Action": "emr-containers:CreateCertificate", - "Resource": "*" + "Action": [ + "emr-containers:CreateCertificate" + ], + "Resource": [ + "*" + ] @@ -183 +191,3 @@ JSON - "Resource": ["*"] + "Resource": [ + "*" + ] @@ -191 +201,3 @@ JSON - "Resource": ["*"] + "Resource": [ + "*" + ] @@ -196,2 +208,6 @@ JSON - "Action": "emr-containers:CreateCertificate", - "Resource": "*" + "Action": [ + "emr-containers:CreateCertificate" + ], + "Resource": [ + "*" + ] @@ -237 +253,3 @@ JSON - "Action": "sts:AssumeRole" + "Action": [ + "sts:AssumeRole" + ]