AWS emr documentation change
Summary
Corrected IAM trust policy structure for EMR service role
Security assessment
The change fixes the IAM policy structure by adding missing Principal block and Sid field, ensuring proper trust relationship with elasticmapreduce.amazonaws.com service. This improves security documentation by providing correct IAM policy examples.
Diff
diff --git a/emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md b/emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md index f5dc486ea..5fdb3aa99 100644 --- a//emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md +++ b//emr/latest/ManagementGuide/emr-managed-notebooks-service-role.md @@ -36,0 +37 @@ JSON + "Sid": "AllowSTSAssumerole", @@ -38,4 +39,4 @@ JSON - "Action": [ - "sts:AssumeRole" - ], - "Resource": "arn:aws:iam::123456789012:role/EMRServiceRole", + "Principal": { + "Service": "elasticmapreduce.amazonaws.com" + }, + "Action": "sts:AssumeRole", @@ -49,2 +50 @@ JSON - }, - "Sid": "AllowSTSAssumerole" + }