AWS emr high security documentation change
Summary
Updated policy version to 2012-10-17, removed wildcard principals, and adjusted S3 resources
Security assessment
Removing 'Principal': '*' and updating to a secure policy version mitigates unauthorized access risks in the example IAM policy.
Diff
diff --git a/emr/latest/ManagementGuide/private-subnet-iampolicy.md b/emr/latest/ManagementGuide/private-subnet-iampolicy.md index 6da303805..b52e16cba 100644 --- a//emr/latest/ManagementGuide/private-subnet-iampolicy.md +++ b//emr/latest/ManagementGuide/private-subnet-iampolicy.md @@ -32 +32 @@ JSON - "Version": "2008-10-17", + "Version": "2012-10-17", @@ -37 +36,0 @@ JSON - "Principal": "*", @@ -43 +41,0 @@ JSON - "arn:aws:s3:::repo.us-east-1.amazonaws.com/", @@ -50 +47,0 @@ JSON - "Principal": "*",