AWS emr documentation change
Summary
Updated KMS key ARN and log group ARN patterns to use wildcards and consistent account ID. Removed explicit principal in policy examples.
Security assessment
Changes standardize example ARN formats but do not address specific security vulnerabilities or introduce new security features.
Diff
diff --git a/emr/latest/EMR-Serverless-UserGuide/jobs-log-encryption.md b/emr/latest/EMR-Serverless-UserGuide/jobs-log-encryption.md index e5e06baf3..b3a88a3c1 100644 --- a//emr/latest/EMR-Serverless-UserGuide/jobs-log-encryption.md +++ b//emr/latest/EMR-Serverless-UserGuide/jobs-log-encryption.md @@ -105 +105 @@ JSON - "key-arn" + "arn:aws:kms:*:123456789012:key/12345678-1234-1234-1234-123456789012" @@ -184 +184 @@ JSON - "key-arn" + "arn:aws:kms:*:123456789012:key/12345678-1234-1234-1234-123456789012" @@ -212 +212 @@ JSON - "arn:aws:logs:us-east-1:111122223333:log-group:my-log-group-name:*" + "arn:aws:logs:*:123456789012:log-group:my-log-group-name:*" @@ -235,3 +234,0 @@ JSON - "Principal": { - "Service": "logs.us-east-1.amazonaws.com" - }, @@ -247 +244 @@ JSON - "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:us-east-1:111122223333:*" + "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:*:123456789012:*"