AWS Security ChangesHomeSearch

AWS emr documentation change

Service: emr · 2025-08-25 · Documentation low

File: emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md

Summary

Removed explicit Principal blocks and updated resource ARNs to use placeholder account IDs and bucket names.

Security assessment

Policy structure changes focus on example consistency, not security fixes. No evidence of addressing vulnerabilities.

Diff

diff --git a/emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md b/emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md
index 16ccd39ba..5af9390b8 100644
--- a//emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md
+++ b//emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md
@@ -43 +43 @@ JSON
-          "Sid": "Example permissions 1",
+          "Sid": "ExamplePermissions1",
@@ -45,3 +44,0 @@ JSON
-          "Principal": {
-            "AWS": "arn:aws:iam::111122223333:root"
-          },
@@ -52 +49 @@ JSON
-            "arn:aws:s3:::bucket_name_in_AccountB"
+            "arn:aws:s3:::my-bucket-name"
@@ -56 +53 @@ JSON
-          "Sid": "Example permissions 2",
+          "Sid": "ExamplePermissions2",
@@ -58,3 +54,0 @@ JSON
-          "Principal": {
-            "AWS": "arn:aws:iam::111122223333:root"
-          },
@@ -67 +61 @@ JSON
-            "arn:aws:s3:::bucket_name_in_AccountB/*"
+            "arn:aws:s3:::my-bucket-name/*"
@@ -135 +129 @@ JSON
-            "arn:aws:dynamodb:us-east-1:AccountB:table/CrossAccountTable"
+            "arn:aws:dynamodb:*:123456789012:table/CrossAccountTable"
@@ -162,3 +155,0 @@ JSON
-              "Principal": {
-                "AWS": "arn:aws:iam::111122223333:role/Job-Execution-Role-A"
-              },
@@ -167,0 +159 @@ JSON
+              "Resource": "arn:aws:iam::123456789012:role/Job-Execution-Role-A",
@@ -195 +187 @@ JSON
-                "arn:aws:iam::111122223333:role/Cross-Account-Role-B"
+                "arn:aws:iam::123456789012:role/Cross-Account-Role-B"