AWS Security ChangesHomeSearch

AWS emr documentation change

Service: emr · 2025-10-25 · Documentation low

File: emr/latest/ReleaseGuide/emr-hive-metastore-glue.md

Summary

Removed a KMS policy example granting Decrypt, Encrypt, and GenerateDataKey permissions

Security assessment

While KMS permissions are security-related, the removal of this example does not explicitly indicate a security fix. It may reflect updated service requirements or documentation streamlining without evidence of addressing a specific vulnerability.

Diff

diff --git a/emr/latest/ReleaseGuide/emr-hive-metastore-glue.md b/emr/latest/ReleaseGuide/emr-hive-metastore-glue.md
index 1113aa1bb..9c4c534cf 100644
--- a//emr/latest/ReleaseGuide/emr-hive-metastore-glue.md
+++ b//emr/latest/ReleaseGuide/emr-hive-metastore-glue.md
@@ -121,18 +120,0 @@ Otherwise, you must add the following statement to the permissions policy attach
-    
-    [
-        {
-            "Version": "2012-10-17",		 	 	 
-            "Statement": [
-                {
-                    "Effect": "Allow",
-                    "Action": [
-                        "kms:Decrypt",
-                        "kms:Encrypt",
-                        "kms:GenerateDataKey"
-                    ],
-                    "Resource": "arn:aws:kms:region:acct-id:key/12345678-1234-1234-1234-123456789012"
-                }
-            ]
-        }
-    ]
-