AWS Security ChangesHomeSearch

AWS emr documentation change

Service: emr · 2025-10-19 · Documentation low

File: emr/latest/EMR-Serverless-UserGuide/security-best-practices.md

Summary

Modified language about execution role permissions from 'recommend' to 'suggest' while maintaining security guidance

Security assessment

Change softens advisory language but maintains security best practice guidance about least-privilege permissions. No evidence of addressing a specific security vulnerability - stylistic change to existing security documentation.

Diff

diff --git a/emr/latest/EMR-Serverless-UserGuide/security-best-practices.md b/emr/latest/EMR-Serverless-UserGuide/security-best-practices.md
index 9edcd79f7..9fdeed0e5 100644
--- a//emr/latest/EMR-Serverless-UserGuide/security-best-practices.md
+++ b//emr/latest/EMR-Serverless-UserGuide/security-best-practices.md
@@ -13 +13 @@ Amazon EMR Serverless provides a number of security features to consider as you
-EMR Serverless provides a granular access policy for applications using IAM roles, such as execution roles. We recommend that execution roles be granted only the minimum set of privileges required by the job, such as covering your application and access to log destination. We also recommend auditing the jobs for permissions on a regular basis and upon any change to application code.
+EMR Serverless provides a granular access policy for applications using IAM roles, such as execution roles. We suggest that execution roles be granted only the minimum set of privileges required by the job, such as covering your application and access to log destination. We also recommend auditing the jobs for permissions on a regular basis and upon any change to application code.