AWS AWSCloudFormation documentation change
Summary
Added descriptions for KeyARN (KMS encryption) and LogDestination properties, clarifying log encryption behavior.
Security assessment
The changes explicitly document encryption controls for EMR logs using KMS and fallback behavior. This improves security transparency but doesn't indicate a resolved vulnerability.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-resource-emr-step.md b/AWSCloudFormation/latest/TemplateReference/aws-resource-emr-step.md index 9d142535b..2dfddf200 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-resource-emr-step.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-resource-emr-step.md @@ -61 +61 @@ _Required_ : Yes -Property description not available. +The KMS key ARN to encrypt the logs published to the given Amazon S3 destination. When omitted, EMR falls back to cluster-level logging behavior. @@ -100 +100 @@ _Minimum_ : `0` -Property description not available. +The Amazon S3 destination URI for log publishing. When omitted, EMR falls back to cluster-level logging behavior.