AWS emr documentation change
Summary
Removed explicit service principal, added Resource field, and updated account IDs in policy examples
Security assessment
Policy restructuring focuses on resource specification and account alignment but lacks explicit security context (e.g., no vulnerability addressed).
Diff
diff --git a/emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md b/emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md index 3c7b03050..2501e1a14 100644 --- a//emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md +++ b//emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md @@ -36,3 +35,0 @@ JSON - "Principal": { - "Service": "elasticmapreduce.amazonaws.com" - }, @@ -41,0 +39 @@ JSON + "Resource": "arn:aws:iam::123456789012:role/EMRServiceRole", @@ -44 +42 @@ JSON - "aws:SourceAccount": "111122223333" + "aws:SourceAccount": "123456789012" @@ -47 +45 @@ JSON - "aws:SourceArn": "arn:aws:elasticmapreduce:region>:111122223333:*" + "aws:SourceArn": "arn:aws:elasticmapreduce:*:123456789012:*"