AWS emr documentation change
Summary
Added SIDs and array formatting for KMS-related IAM policies in logging documentation
Security assessment
Formatting changes to existing encryption-related policies without altering security controls or fixing vulnerabilities.
Diff
diff --git a/emr/latest/EMR-on-EKS-DevelopmentGuide/security_iam_fgac-logging-kms.md b/emr/latest/EMR-on-EKS-DevelopmentGuide/security_iam_fgac-logging-kms.md index 2d732175b..f8257bb09 100644 --- a//emr/latest/EMR-on-EKS-DevelopmentGuide/security_iam_fgac-logging-kms.md +++ b//emr/latest/EMR-on-EKS-DevelopmentGuide/security_iam_fgac-logging-kms.md @@ -43,3 +43,8 @@ JSON - "Action": "emr-containers:StartJobRun", - "Resource": "*", - "Effect": "Allow" + "Action": [ + "emr-containers:StartJobRun" + ], + "Resource": [ + "*" + ], + "Effect": "Allow", + "Sid": "AllowEMRCONTAINERSStartjobrun" @@ -53,2 +58,5 @@ JSON - "Resource": "KMS key ARN", - "Effect": "Allow" + "Resource": [ + "KMS key ARN" + ], + "Effect": "Allow", + "Sid": "AllowKMSDescribekey" @@ -79,2 +87,6 @@ JSON - "Action": "kms:DescribeKey", - "Resource": "*", + "Action": [ + "kms:DescribeKey" + ], + "Resource": [ + "*" + ], @@ -85 +97,2 @@ JSON - } + }, + "Sid": "AllowKMSDescribekey" @@ -96 +109,3 @@ JSON - "Resource": "*", + "Resource": [ + "*" + ], @@ -102 +117,2 @@ JSON - } + }, + "Sid": "AllowKMSDecrypt" @@ -116 +132,3 @@ JSON - "Resource": "*", + "Resource": [ + "*" + ], @@ -122 +140,2 @@ JSON - } + }, + "Sid": "AllowKMSDecrypt"