AWS emr documentation change
Summary
Minor editorial changes including replacing 'view' with 'refer to/access', rephrasing sentences for clarity, and fixing table formatting (e.g., ABAC support line). No substantive content changes to IAM security policies or features.
Security assessment
Changes are purely editorial/grammatical improvements without altering security guidance. No new security controls, vulnerabilities, or mitigations are introduced. The ABAC support wording change maintains existing security capability documentation without modification to functionality.
Diff
diff --git a/emr/latest/EMR-Serverless-UserGuide/security-iam-serverless.md b/emr/latest/EMR-Serverless-UserGuide/security-iam-serverless.md index 8a73ab441..c64fa6df1 100644 --- a//emr/latest/EMR-Serverless-UserGuide/security-iam-serverless.md +++ b//emr/latest/EMR-Serverless-UserGuide/security-iam-serverless.md @@ -11 +11 @@ Before you use IAM to manage access to Amazon EMR Serverless, learn what IAM fea -IAM features you can use with EMR Serverless IAM feature | Amazon EMR Serverless support +IAM features use with EMR Serverless IAM feature | Amazon EMR Serverless support @@ -25 +25 @@ Service-linked roles | Yes -To get a high-level view of how EMR Serverless and other AWS services work with most IAM features, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the _IAM User Guide_. +To get a high-level view of how EMR Serverless and other AWS services work with most IAM features, refer to [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the _IAM User Guide_. @@ -37 +37 @@ With IAM identity-based policies, you can specify allowed or denied actions and -To view examples of Amazon EMR Serverless identity-based policies, see [Identity-based policy examples for EMR Serverless](./security-iam-id-based-policy-examples.html). +To access examples of Amazon EMR Serverless identity-based policies, refer to [Identity-based policy examples for EMR Serverless](./security-iam-id-based-policy-examples.html). @@ -57 +57 @@ Include actions in a policy to grant permissions to perform the associated opera -To see a list of EMR Serverless actions, see [Actions, resources, and condition keys for Amazon EMR Serverless](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemrserverless.html) in the _Service Authorization Reference_. +To refer to a list of EMR Serverless actions, refer to [Actions, resources, and condition keys for Amazon EMR Serverless](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemrserverless.html) in the _Service Authorization Reference_. @@ -72 +72 @@ To specify multiple actions in a single statement, separate them with commas. -To view examples of Amazon EMR Serverless identity-based policies, see [Identity-based policy examples for EMR Serverless](./security-iam-id-based-policy-examples.html). +To access examples of Amazon EMR Serverless identity-based policies, refer to [Identity-based policy examples for EMR Serverless](./security-iam-id-based-policy-examples.html). @@ -87 +87 @@ For actions that don't support resource-level permissions, such as listing opera -To see a list of Amazon EMR Serverless resource types and their ARNs, see [Resources defined by Amazon EMR Serverless](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticmapreduce.html#amazonelasticmapreduce-resources-for-iam-policies) in the _Service Authorization Reference_. To learn which actions you can specify the ARN of each resource, see [Actions, resources, and condition keys for Amazon EMR Serverless](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemrserverless.html). +To refer to a list of Amazon EMR Serverless resource types and their ARNs, see [Resources defined by Amazon EMR Serverless](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticmapreduce.html#amazonelasticmapreduce-resources-for-iam-policies) in the _Service Authorization Reference_. To learn which actions specify the ARN of each resource, refer to [Actions, resources, and condition keys for Amazon EMR Serverless](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemrserverless.html). @@ -89 +89 @@ To see a list of Amazon EMR Serverless resource types and their ARNs, see [Resou -To view examples of Amazon EMR Serverless identity-based policies, see [Identity-based policy examples for EMR Serverless](./security-iam-id-based-policy-examples.html). +To access examples of Amazon EMR Serverless identity-based policies, refer to [Identity-based policy examples for EMR Serverless](./security-iam-id-based-policy-examples.html). @@ -93 +93 @@ To view examples of Amazon EMR Serverless identity-based policies, see [Identity -Supports service-specific policy condition keys | No +Policy condition keys support Supports service-specific policy condition keys | No @@ -106 +106 @@ AWS supports global condition keys and service-specific condition keys. To see a -To see a list of Amazon EMR Serverless condition keys and to learn which actions and resources you can use a condition key, see [Actions, resources, and condition keys for Amazon EMR Serverless](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemrserverless.html) in the _Service Authorization Reference_. +To refer to a list of Amazon EMR Serverless condition keys and to learn which actions and resources you can use a condition key, refer to [Actions, resources, and condition keys for Amazon EMR Serverless](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemrserverless.html) in the _Service Authorization Reference_. @@ -108 +108 @@ To see a list of Amazon EMR Serverless condition keys and to learn which actions -All Amazon EC2 actions support the `aws:RequestedRegion` and `ec2:Region` condition keys. For more information, see [Example: Restricting access to a specific region](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ExamplePolicies_EC2.html#iam-example-region). +All Amazon EC2 actions support the `aws:RequestedRegion` and `ec2:Region` condition keys. For more information, refer to [Example: Restricting access to a specific region](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ExamplePolicies_EC2.html#iam-example-region). @@ -118 +118 @@ Access control lists (ACLs) control which principals (account members, users, or -Supports ABAC (tags in policies) | Yes +Attribute-based access control (ABAC) support Supports ABAC (tags in policies) | Yes @@ -157 +157 @@ Supports service-linked roles | Yes -For details about creating or managing service-linked roles, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html). Find a service in the table that includes a `Yes` in the **Service-linked role** column. Choose the **Yes** link to view the service-linked role documentation for that service. +For details about creating or managing service-linked roles, refer to [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html). Find a service in the table that includes a `Yes` in the **Service-linked role** column. Choose the **Yes** link to access the service-linked role documentation for that service.