awsdocs/amazon-emr-management-guide

Basic user session policy contains invalid actions

Closed this issue · 1 comments

GaboFDC commented

The example role:

https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html#emr-studio-basic-session-policy

https://github.com/awsdocs/amazon-emr-management-guide/blob/main/doc_source/emr-studio-user-role.md#example-basic-user-session-policy

Contains invalid actions, according to the console and documentation the following don't exist:

  • AttachEditor
  • DetachEditor
  • CreatePersistentAppUI
  • DescribePersistentAppUI
  • GetPersistentAppUIPresignedURL
  • GetOnClusterAppUIPresignedURL
  • CreateAccessTokenForManagedEndpoint

image

https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticmapreduce.html

ellkend-aws commented

@GaboFDC - Thank you for taking the time to submit this issue. The EMR team has recently updated the list of supported IAM actions to include those listed above, with the exception of CreateAccessTokenForManagedEndpoint. Another team owns the managed endpoint actions, so I will let that team know about this validation error.