AWS AWSEC2 documentation change
Summary
Corrected AWS service role ARN in KMS grant example from spot.amazonaws.com to spotfleet.amazonaws.com
Security assessment
This change fixes an incorrect service principal reference in documentation, ensuring proper permission grants for Spot Fleet operations. While incorrect permissions could theoretically cause operational issues, there's no evidence this was actively exploited or represented a security vulnerability rather than a documentation error.
Diff
diff --git a/AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md b/AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md index 483927753..92149bfbe 100644 --- a//AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md +++ b//AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md @@ -245 +245 @@ When providing permissions, grants are an alternative to key policies. For more - --grantee-principal arn:aws:iam::111122223333:role/aws-service-role/spot.amazonaws.com/AWSServiceRoleForEC2Spot \ + --grantee-principal arn:aws:iam::111122223333:role/aws-service-role/spotfleet.amazonaws.com/AWSServiceRoleForEC2SpotFleet \