AWS emr documentation change
Summary
Updated IAM trust policy example to include Principal block and restructured the statement
Security assessment
The change corrects an IAM policy example by adding a Principal (AWS) block and removing the Resource field, which aligns with IAM trust policy structure. This improves security documentation but does not indicate a specific security issue.
Diff
diff --git a/emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md b/emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md index 171a9c259..af2eb4b0a 100644 --- a//emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md +++ b//emr/latest/EMR-Serverless-UserGuide/jobs-s3-access.md @@ -156,0 +157 @@ JSON + "Sid": "AllowSTSAssumerole", @@ -158,5 +159,4 @@ JSON - "Action": [ - "sts:AssumeRole" - ], - "Resource": "arn:aws:iam::123456789012:role/Job-Execution-Role-A", - "Sid": "AllowSTSAssumerole" + "Principal": { + "AWS": "arn:aws:iam::123456789012:role/Job-Execution-Role-A" + }, + "Action": "sts:AssumeRole"