AWS emr documentation change
Summary
Removed explicit Principal blocks and updated resource ARNs to use placeholder account IDs and bucket names.
Security assessment
Policy structure changes focus on example consistency, not security fixes. No evidence of addressing vulnerabilities.
Diff
diff --git a/emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md b/emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md index 16ccd39ba..5af9390b8 100644 --- a//emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md +++ b//emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md @@ -43 +43 @@ JSON - "Sid": "Example permissions 1", + "Sid": "ExamplePermissions1", @@ -45,3 +44,0 @@ JSON - "Principal": { - "AWS": "arn:aws:iam::111122223333:root" - }, @@ -52 +49 @@ JSON - "arn:aws:s3:::bucket_name_in_AccountB" + "arn:aws:s3:::my-bucket-name" @@ -56 +53 @@ JSON - "Sid": "Example permissions 2", + "Sid": "ExamplePermissions2", @@ -58,3 +54,0 @@ JSON - "Principal": { - "AWS": "arn:aws:iam::111122223333:root" - }, @@ -67 +61 @@ JSON - "arn:aws:s3:::bucket_name_in_AccountB/*" + "arn:aws:s3:::my-bucket-name/*" @@ -135 +129 @@ JSON - "arn:aws:dynamodb:us-east-1:AccountB:table/CrossAccountTable" + "arn:aws:dynamodb:*:123456789012:table/CrossAccountTable" @@ -162,3 +155,0 @@ JSON - "Principal": { - "AWS": "arn:aws:iam::111122223333:role/Job-Execution-Role-A" - }, @@ -167,0 +159 @@ JSON + "Resource": "arn:aws:iam::123456789012:role/Job-Execution-Role-A", @@ -195 +187 @@ JSON - "arn:aws:iam::111122223333:role/Cross-Account-Role-B" + "arn:aws:iam::123456789012:role/Cross-Account-Role-B"