AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2025-04-23 · Documentation low

File: eks/latest/userguide/hybrid-nodes-creds.md

Summary

Updated references to 'hybrid-nodes-iam-roles-anywhere>>' to 'Setup AWS IAM Roles Anywhere' for clarity and corrected link formatting.

Security assessment

The changes involve correcting documentation links and improving text clarity. While the content relates to IAM Roles Anywhere (a security feature), there is no evidence of addressing a specific security vulnerability or adding new security documentation.

Diff

diff --git a/eks/latest/userguide/hybrid-nodes-creds.md b/eks/latest/userguide/hybrid-nodes-creds.md
index cfabeb235..3b01a184d 100644
--- a//eks/latest/userguide/hybrid-nodes-creds.md
+++ b//eks/latest/userguide/hybrid-nodes-creds.md
@@ -296 +296 @@ Install and configure the AWS CLI, if you haven’t already. See [Installing or
-To use AWS IAM Roles Anywhere, you must set up your AWS IAM Roles Anywhere trust anchor before creating the Hybrid Nodes IAM Role. See hybrid-nodes-iam-roles-anywhere>> for instructions.
+To use AWS IAM Roles Anywhere, you must set up your AWS IAM Roles Anywhere trust anchor before creating the Hybrid Nodes IAM Role. See Setup AWS IAM Roles Anywhere for instructions.
@@ -298 +298 @@ To use AWS IAM Roles Anywhere, you must set up your AWS IAM Roles Anywhere trust
-  1. Create a file named `eks-hybrid-iamra-trust.json`. Replace `TRUST_ANCHOR ARN` with the ARN of the trust anchor you created in the hybrid-nodes-iam-roles-anywhere>> steps. The condition in this trust policy restricts the ability of AWS IAM Roles Anywhere to assume the Hybrid Nodes IAM role to exchange temporary IAM credentials only when the role session name matches the CN in the x509 certificate installed on your hybrid nodes. You can alternatively use other certificate attributes to uniquely identify your node. The certificate attribute that you use in the trust policy must correspond to the `nodeName` you set in your `nodeadm` configuration. For more information, see the [Hybrid nodes nodeadm reference](./hybrid-nodes-nodeadm.html).
+  1. Create a file named `eks-hybrid-iamra-trust.json`. Replace `TRUST_ANCHOR ARN` with the ARN of the trust anchor you created in the Setup AWS IAM Roles Anywhere steps. The condition in this trust policy restricts the ability of AWS IAM Roles Anywhere to assume the Hybrid Nodes IAM role to exchange temporary IAM credentials only when the role session name matches the CN in the x509 certificate installed on your hybrid nodes. You can alternatively use other certificate attributes to uniquely identify your node. The certificate attribute that you use in the trust policy must correspond to the `nodeName` you set in your `nodeadm` configuration. For more information, see the [Hybrid nodes nodeadm reference](./hybrid-nodes-nodeadm.html).
@@ -478 +478 @@ To use AWS IAM Roles Anywhere, you must set up your AWS IAM Roles Anywhere trust
-To use AWS IAM Roles Anywhere, you must set up your AWS IAM Roles Anywhere trust anchor before creating the Hybrid Nodes IAM Role. See hybrid-nodes-iam-roles-anywhere>> for instructions.
+To use AWS IAM Roles Anywhere, you must set up your AWS IAM Roles Anywhere trust anchor before creating the Hybrid Nodes IAM Role. See Setup AWS IAM Roles Anywhere for instructions.
@@ -488 +488 @@ To use AWS IAM Roles Anywhere, you must set up your AWS IAM Roles Anywhere trust
-    1. In the **Trusted entity type section** , choose **Custom trust policy**. Paste the following into the Custom trust policy editor. Replace `TRUST_ANCHOR ARN` with the ARN of the trust anchor you created in the hybrid-nodes-iam-roles-anywhere>> steps. The condition in this trust policy restricts the ability of AWS IAM Roles Anywhere to assume the Hybrid Nodes IAM role to exchange temporary IAM credentials only when the role session name matches the CN in the x509 certificate installed on your hybrid nodes. You can alternatively use other certificate attributes to uniquely identify your node. The certificate attribute that you use in the trust policy must correspond to the nodeName you set in your nodeadm configuration. For more information, see the [Hybrid nodes nodeadm reference](./hybrid-nodes-nodeadm.html).
+    1. In the **Trusted entity type section** , choose **Custom trust policy**. Paste the following into the Custom trust policy editor. Replace `TRUST_ANCHOR ARN` with the ARN of the trust anchor you created in the Setup AWS IAM Roles Anywhere steps. The condition in this trust policy restricts the ability of AWS IAM Roles Anywhere to assume the Hybrid Nodes IAM role to exchange temporary IAM credentials only when the role session name matches the CN in the x509 certificate installed on your hybrid nodes. You can alternatively use other certificate attributes to uniquely identify your node. The certificate attribute that you use in the trust policy must correspond to the nodeName you set in your nodeadm configuration. For more information, see the [Hybrid nodes nodeadm reference](./hybrid-nodes-nodeadm.html).