AWS Security ChangesHomeSearch

AWS emr documentation change

Service: emr · 2026-04-25 · Documentation medium

File: emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md

Summary

Updated IAM trust policy example to include Principal block and restructured the statement

Security assessment

The change adds a Principal (AWS) block to an IAM policy example for cross-account access, improving security documentation. No evidence of a specific security vulnerability.

Diff

diff --git a/emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md b/emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md
index 63315984b..923d1aefb 100644
--- a//emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md
+++ b//emr/latest/EMR-on-EKS-DevelopmentGuide/security-cross-account.md
@@ -115,0 +116 @@ JSON
+              "Sid": "AllowSTSAssumerole",
@@ -117,7 +118,4 @@ JSON
-              "Action": [
-                "sts:AssumeRole"
-              ],
-              "Resource": [
-                "arn:aws:iam::*:role/Job-Execution-Role-A"
-              ],
-              "Sid": "AllowSTSAssumerole"
+              "Principal": {
+                "AWS": "arn:aws:iam::123456789012:role/Job-Execution-Role-A"
+              },
+              "Action": "sts:AssumeRole"