AWS glue medium security documentation change
Summary
Updated CatalogEncryptionServiceRole regex pattern reference from #52 to #53
Security assessment
Corrects validation for IAM roles used in encryption configuration. Previous pattern #52 matched root ARNs (potentially overprivileged), while #53 now properly validates IAM role ARNs. This prevents misconfiguration risks in KMS key usage.
Diff
diff --git a/glue/latest/dg/aws-glue-api-jobs-security.md b/glue/latest/dg/aws-glue-api-jobs-security.md index 8bf142cd5..ce45270ed 100644 --- a//glue/latest/dg/aws-glue-api-jobs-security.md +++ b//glue/latest/dg/aws-glue-api-jobs-security.md @@ -67 +67 @@ The ID of the AWS KMS key to use for encryption at rest. - * `CatalogEncryptionServiceRole` – UTF-8 string, matching the [Custom string pattern #52](./aws-glue-api-common.html#regex_52). + * `CatalogEncryptionServiceRole` – UTF-8 string, matching the [Custom string pattern #53](./aws-glue-api-common.html#regex_53).