AWS Security ChangesHomeSearch

AWS emr documentation change

Service: emr · 2026-04-25 · Documentation medium

File: emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md

Summary

Updated IAM trust policy example to include Principal block and restructured the statement

Security assessment

The change corrects an IAM policy example by adding a Principal (AWS) block and removing the Resource field, which aligns with IAM trust policy structure. This improves security documentation but does not indicate a specific security issue.

Diff

diff --git a/emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md b/emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md
index 171a9c259..af2eb4b0a 100644
--- a//emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md
+++ b//emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md
@@ -156,0 +157 @@ JSON
+              "Sid": "AllowSTSAssumerole",
@@ -158,5 +159,4 @@ JSON
-              "Action": [
-                "sts:AssumeRole"
-              ],
-              "Resource": "arn:aws:iam::123456789012:role/Job-Execution-Role-A",
-              "Sid": "AllowSTSAssumerole"
+              "Principal": {
+                "AWS": "arn:aws:iam::123456789012:role/Job-Execution-Role-A"
+              },
+              "Action": "sts:AssumeRole"