diff --git a/.changes/1.33.2.json b/.changes/1.33.2.json
new file mode 100644
index 000000000000..37f6a1e3f974
--- /dev/null
+++ b/.changes/1.33.2.json
@@ -0,0 +1,22 @@
+[
+  {
+    "category": "``globalaccelerator``",
+    "description": "This release contains a new optional ip-addresses input field for the update accelerator and update custom routing accelerator apis. This input enables consumers to replace IPv4 addresses on existing accelerators with addresses provided in the input.",
+    "type": "api-change"
+  },
+  {
+    "category": "``glue``",
+    "description": "AWS Glue now supports native SaaS connectivity: Salesforce connector available now",
+    "type": "api-change"
+  },
+  {
+    "category": "``s3``",
+    "description": "Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality.",
+    "type": "api-change"
+  },
+  {
+    "category": "emr customization",
+    "description": "Update the EC2 service principal when creating the trust policy for EMR default roles to always be ec2.amazonaws.com.",
+    "type": "bugfix"
+  }
+]
\ No newline at end of file
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 9e749cdc40cf..cf6ca5adc7f4 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -2,6 +2,15 @@
 CHANGELOG
 =========
 
+1.33.2
+======
+
+* api-change:``globalaccelerator``: This release contains a new optional ip-addresses input field for the update accelerator and update custom routing accelerator apis. This input enables consumers to replace IPv4 addresses on existing accelerators with addresses provided in the input.
+* api-change:``glue``: AWS Glue now supports native SaaS connectivity: Salesforce connector available now
+* api-change:``s3``: Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality.
+* bugfix:emr customization: Update the EC2 service principal when creating the trust policy for EMR default roles to always be ec2.amazonaws.com.
+
+
 1.33.1
 ======
 
diff --git a/awscli/__init__.py b/awscli/__init__.py
index 7e22bfed924e..b67f5dccc474 100644
--- a/awscli/__init__.py
+++ b/awscli/__init__.py
@@ -17,7 +17,7 @@
 """
 import os
 
-__version__ = '1.33.1'
+__version__ = '1.33.2'
 
 #
 # Get our data path to be added to botocore's search path
diff --git a/awscli/customizations/emr/constants.py b/awscli/customizations/emr/constants.py
index 25c18b46ec87..8d2bb51a6bbe 100644
--- a/awscli/customizations/emr/constants.py
+++ b/awscli/customizations/emr/constants.py
@@ -22,6 +22,7 @@
 EMR_AUTOSCALING_ROLE_POLICY_NAME = "AmazonElasticMapReduceforAutoScalingRole"
 EMR_AUTOSCALING_SERVICE_NAME = "application-autoscaling"
 EMR_AUTOSCALING_SERVICE_PRINCIPAL = "application-autoscaling.amazonaws.com"
+EC2_SERVICE_PRINCIPAL = "ec2.amazonaws.com"
 
 # Action on failure
 CONTINUE = 'CONTINUE'
diff --git a/awscli/customizations/emr/createdefaultroles.py b/awscli/customizations/emr/createdefaultroles.py
index 164f97354575..11c7c0e0580a 100644
--- a/awscli/customizations/emr/createdefaultroles.py
+++ b/awscli/customizations/emr/createdefaultroles.py
@@ -24,6 +24,7 @@
 from awscli.customizations.emr.command import Command
 from awscli.customizations.emr.constants import EC2
 from awscli.customizations.emr.constants import EC2_ROLE_NAME
+from awscli.customizations.emr.constants import EC2_SERVICE_PRINCIPAL
 from awscli.customizations.emr.constants import ROLE_ARN_PATTERN
 from awscli.customizations.emr.constants import EMR
 from awscli.customizations.emr.constants import EMR_ROLE_NAME
@@ -64,6 +65,9 @@ def get_role_policy_arn(region, policy_name):
 
 
 def get_service_principal(service, endpoint_host, session=None):
+    if service == EC2:
+        return EC2_SERVICE_PRINCIPAL
+
     suffix, region = _get_suffix_and_region_from_endpoint_host(endpoint_host)
     if session is None:
         session = botocore.session.Session()
@@ -277,7 +281,7 @@ def _create_role_with_role_policy(
                 service_principal.append(get_service_principal(
                     service, self.emr_endpoint_url, self._session))
 
-        LOG.debug(service_principal)
+        LOG.debug(f'Adding service principal(s) to trust policy: {service_principal}')
 
         parameters = {'RoleName': role_name}
         _assume_role_policy = \
diff --git a/doc/source/conf.py b/doc/source/conf.py
index 3da39e4aabd4..d52747b6065f 100644
--- a/doc/source/conf.py
+++ b/doc/source/conf.py
@@ -52,7 +52,7 @@
 # The short X.Y version.
 version = '1.33'
 # The full version, including alpha/beta/rc tags.
-release = '1.33.1'
+release = '1.33.2'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
diff --git a/setup.cfg b/setup.cfg
index 61033535e3fb..baf0c0065855 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -3,7 +3,7 @@ universal = 0
 
 [metadata]
 requires_dist =
-        botocore==1.34.119
+        botocore==1.34.120
         docutils>=0.10,<0.17
         s3transfer>=0.10.0,<0.11.0
         PyYAML>=3.10,<6.1
diff --git a/setup.py b/setup.py
index bf8694025f8a..0a7ecde8d800 100644
--- a/setup.py
+++ b/setup.py
@@ -24,7 +24,7 @@ def find_version(*file_paths):
 
 
 install_requires = [
-    'botocore==1.34.119',
+    'botocore==1.34.120',
     'docutils>=0.10,<0.17',
     's3transfer>=0.10.0,<0.11.0',
     'PyYAML>=3.10,<6.1',
diff --git a/tests/unit/customizations/emr/test_create_default_role.py b/tests/unit/customizations/emr/test_create_default_role.py
index 960ee97da66e..c8ba5bd7c54a 100644
--- a/tests/unit/customizations/emr/test_create_default_role.py
+++ b/tests/unit/customizations/emr/test_create_default_role.py
@@ -110,7 +110,7 @@ class TestCreateDefaultRole(BaseAWSCommandParamsTest):
             {
                 "Sid": "",
                 "Effect": "Allow",
-                "Principal": {"Service": "ec2.amazonaws.com.cn"},
+                "Principal": {"Service": "ec2.amazonaws.com"},
                 "Action": "sts:AssumeRole"
             }
         ]
diff --git a/tests/unit/customizations/emr/test_get_service_principal.py b/tests/unit/customizations/emr/test_get_service_principal.py
index f7cccd83e795..c657f2bc2085 100644
--- a/tests/unit/customizations/emr/test_get_service_principal.py
+++ b/tests/unit/customizations/emr/test_get_service_principal.py
@@ -19,14 +19,15 @@
 
 class TestEmrConfig(unittest.TestCase):
     ec2_service = "ec2"
+    ec2_service_principal = "ec2.amazonaws.com"
     emr_service = "elasticmapreduce"
     endpoint1 = "https://ap-southeast-1.elasticmapreduce.abc/"
     endpoint2 = "https://elasticmapreduce.abcd.def.ghi"
-    endpoint3 = "https://grabage.nothing.com"
+    endpoint3 = "https://garbage.nothing.com"
     expected_result1 = "elasticmapreduce.abc"
     expected_result2 = "elasticmapreduce.def.ghi"
 
-    def test_get_service_principal(self):
+    def test_get_emr_service_principal(self):
         msg = "Generated Service Principal does not match the expected" + \
             "Service Principal"
 
@@ -37,9 +38,14 @@ def test_get_service_principal(self):
         self.assertEqual(result2, self.expected_result2, msg)
 
         self.assertRaises(ResolveServicePrincipalError,
-                          get_service_principal, self.ec2_service,
+                          get_service_principal, self.emr_service,
                           self.endpoint3)
 
+    def test_get_ec2_service_principal(self):
+        self.assertEqual(get_service_principal(self.ec2_service, self.endpoint1), self.ec2_service_principal)
+        self.assertEqual(get_service_principal(self.ec2_service, self.endpoint2), self.ec2_service_principal)
+        self.assertEqual(get_service_principal(self.ec2_service, self.endpoint3), self.ec2_service_principal)
+
 
 if __name__ == "__main__":
     unittest.main()