AWS Security ChangesHomeSearch

AWS AWSEC2 documentation change

Service: AWSEC2 · 2025-05-16 · Documentation low

File: AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md

Summary

Corrected AWS service role ARN in KMS grant example from spot.amazonaws.com to spotfleet.amazonaws.com

Security assessment

This change fixes an incorrect service principal reference in documentation, ensuring proper permission grants for Spot Fleet operations. While incorrect permissions could theoretically cause operational issues, there's no evidence this was actively exploited or represented a security vulnerability rather than a documentation error.

Diff

diff --git a/AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md b/AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md
index 483927753..92149bfbe 100644
--- a//AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md
+++ b//AWSEC2/latest/UserGuide/spot-fleet-prerequisites.md
@@ -245 +245 @@ When providing permissions, grants are an alternative to key policies. For more
-        --grantee-principal arn:aws:iam::111122223333:role/aws-service-role/spot.amazonaws.com/AWSServiceRoleForEC2Spot \
+        --grantee-principal arn:aws:iam::111122223333:role/aws-service-role/spotfleet.amazonaws.com/AWSServiceRoleForEC2SpotFleet \