AWS eks documentation change
Summary
Clarified that step 2 can be skipped if not using a custom KMS key for EBS volume encryption
Security assessment
The change provides clearer instructions about IAM role configuration for KMS usage but does not address a specific security vulnerability or add new security documentation.
Diff
diff --git a/eks/latest/userguide/ebs-csi.md b/eks/latest/userguide/ebs-csi.md index 31207d89c..934a46d20 100644 --- a/eks/latest/userguide/ebs-csi.md +++ b/eks/latest/userguide/ebs-csi.md @@ -93 +93 @@ The specific steps in this procedure are written for using the driver as an Amaz - 2. If you use a custom [KMS key](https://aws.amazon.com/kms/) for encryption on your Amazon EBS volumes, customize the IAM role as needed. For example, do the following: + 2. You can skip this step if you do not use a custom [KMS key](https://aws.amazon.com/kms/). If you use one for encryption on your Amazon EBS volumes, customize the IAM role as needed. For example, do the following: