AWS emr high security documentation change
Summary
Removed a section explaining that API requests must be signed with IAM credentials or AWS STS temporary security credentials.
Security assessment
The deleted content specifically addressed authentication requirements (signing requests with IAM/STS credentials), which is a core security control. Removing this documentation could mislead users into believing authentication is optional, increasing the risk of unauthorized API access.
Diff
diff --git a/emr/latest/EMR-on-EKS-DevelopmentGuide/infrastructure-security.md b/emr/latest/EMR-on-EKS-DevelopmentGuide/infrastructure-security.md index 9b4cc255e..75d9efec0 100644 --- a//emr/latest/EMR-on-EKS-DevelopmentGuide/infrastructure-security.md +++ b//emr/latest/EMR-on-EKS-DevelopmentGuide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access Amazon EMR through the network. Client -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -