AWS Security ChangesHomeSearch

AWS emr documentation change

Service: emr · 2025-08-25 · Documentation low

File: emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md

Summary

Removed explicit service principal, added Resource field, and updated account IDs in policy examples

Security assessment

Policy restructuring focuses on resource specification and account alignment but lacks explicit security context (e.g., no vulnerability addressed).

Diff

diff --git a/emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md b/emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md
index 3c7b03050..2501e1a14 100644
--- a//emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md
+++ b//emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md
@@ -36,3 +35,0 @@ JSON
-          "Principal": {
-            "Service": "elasticmapreduce.amazonaws.com"
-          },
@@ -41,0 +39 @@ JSON
+          "Resource": "arn:aws:iam::123456789012:role/EMRServiceRole",
@@ -44 +42 @@ JSON
-              "aws:SourceAccount": "111122223333"
+              "aws:SourceAccount": "123456789012"
@@ -47 +45 @@ JSON
-              "aws:SourceArn": "arn:aws:elasticmapreduce:region>:111122223333:*"
+              "aws:SourceArn": "arn:aws:elasticmapreduce:*:123456789012:*"