AWS Security ChangesHomeSearch

AWS emr documentation change

Service: emr · 2026-04-25 · Documentation medium

File: emr/latest/ManagementGuide/emr-emrfs-iam-roles.md

Summary

Updated IAM trust policy examples to include Principal blocks and restructured statements

Security assessment

The change adds Principal (AWS) blocks to IAM policy examples for EMRFS IAM roles, improving security documentation by showing correct trust policy structure. No evidence of a specific security vulnerability.

Diff

diff --git a/emr/latest/ManagementGuide/emr-emrfs-iam-roles.md b/emr/latest/ManagementGuide/emr-emrfs-iam-roles.md
index f753fb847..90b275270 100644
--- a//emr/latest/ManagementGuide/emr-emrfs-iam-roles.md
+++ b//emr/latest/ManagementGuide/emr-emrfs-iam-roles.md
@@ -51,0 +52 @@ JSON
+          "Sid": "AllowSTSAssumerole",
@@ -53,5 +54,4 @@ JSON
-          "Action": [
-            "sts:AssumeRole"
-          ],
-          "Resource": "arn:aws:iam::123456789012:role/EMR_EC2_DefaultRole",
-          "Sid": "AllowSTSAssumerole"
+          "Principal": {
+            "AWS": "arn:aws:iam::123456789012:role/EMR_EC2_DefaultRole"
+          },
+          "Action": "sts:AssumeRole"
@@ -75,0 +76 @@ JSON
+          "Sid": "AllowSTSAssumerole",
@@ -77,4 +78,2 @@ JSON
-          "Action": [
-            "sts:AssumeRole"
-          ],
-          "Resource": [
+          "Principal": {
+            "AWS": [
@@ -83,2 +82,3 @@ JSON
-          ],
-          "Sid": "AllowSTSAssumerole"
+            ]
+          },
+          "Action": "sts:AssumeRole"