AWS emr documentation change
Summary
Updated DynamoDB table ARN and role ARNs to use wildcards.
Security assessment
Example ARN standardization without security implications.
Diff
diff --git a/emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md b/emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md index 8b113b4ac..d9a287014 100644 --- a//emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md +++ b//emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md @@ -88 +88 @@ JSON - "arn:aws:dynamodb:us-east-1:111122223333:table/CrossAccountTable" + "arn:aws:dynamodb:us-east-1:*:table/CrossAccountTable" @@ -115,3 +114,0 @@ JSON - "Principal": { - "AWS": "arn:aws:iam::111122223333:role/Job-Execution-Role-A" - }, @@ -120,0 +118,3 @@ JSON + "Resource": [ + "arn:aws:iam::*:role/Job-Execution-Role-A" + ], @@ -148 +148 @@ JSON - "arn:aws:iam::111122223333:role/Cross-Account-Role-B" + "arn:aws:iam::*:role/Cross-Account-Role-B"