AWS Security ChangesHomeSearch

AWS prescriptive-guidance medium security documentation change

Service: prescriptive-guidance · 2025-09-28 · Security-related medium

File: prescriptive-guidance/latest/patterns/ensure-encryption-for-amazon-emr-data-at-rest-is-enabled-at-launch.md

Summary

Replaced 'Ensure that an IAM profile is associated with an EC2 instance' with 'Help prevent scheduled KMS key deletion'

Security assessment

Change shifts focus from IAM profile security to KMS key protection, both security-critical controls

Diff

diff --git a/prescriptive-guidance/latest/patterns/ensure-encryption-for-amazon-emr-data-at-rest-is-enabled-at-launch.md b/prescriptive-guidance/latest/patterns/ensure-encryption-for-amazon-emr-data-at-rest-is-enabled-at-launch.md
index 11eba28e5..f62d371e6 100644
--- a//prescriptive-guidance/latest/patterns/ensure-encryption-for-amazon-emr-data-at-rest-is-enabled-at-launch.md
+++ b//prescriptive-guidance/latest/patterns/ensure-encryption-for-amazon-emr-data-at-rest-is-enabled-at-launch.md
@@ -161 +161 @@ Ensure AWS load balancers use secure listener protocols
-Ensure that an IAM profile is associated with an EC2 instance
+Help prevent scheduled KMS key deletion