AWS emr documentation change
Summary
Fixed a typo and updated IAM policy example to include Principal block and restructure the statement
Security assessment
The change adds a Principal (Service) block to an IAM policy example for Secrets Manager access, which is a security best practice. The typo fix and restructuring improve clarity but do not address a specific security vulnerability.
Diff
diff --git a/emr/latest/EMR-Serverless-UserGuide/secrets-manager.md b/emr/latest/EMR-Serverless-UserGuide/secrets-manager.md index 6cfc16ad1..d25883379 100644 --- a//emr/latest/EMR-Serverless-UserGuide/secrets-manager.md +++ b//emr/latest/EMR-Serverless-UserGuide/secrets-manager.md @@ -33 +33 @@ The following examples demonstrate how to provide a secret in a configuration cl -In the examples, replace ``SecretName`` with the name of the secret to retrieve. . For more information, refer to How to create a secret. +In the examples, replace ``SecretName`` with the name of the secret to retrieve. For more information, refer to How to create a secret. @@ -149,0 +150 @@ JSON + "Sid": "AllowSECRETSMANAGERGetsecretvalue", @@ -150,0 +152,5 @@ JSON + "Principal": { + "Service": [ + "emr-serverless.amazonaws.com" + ] + }, @@ -162,2 +168 @@ JSON - }, - "Sid": "AllowSECRETSMANAGERGetsecretvalue" + }