AWS privateca documentation change
Summary
Added new AWSPrivateCAConnectorForKubernetesPolicy managed policy documentation
Security assessment
Introduces documentation for a new security-related IAM policy for Kubernetes integration, but does not address a specific security vulnerability
Diff
diff --git a/privateca/latest/userguide/auth-AwsManagedPolicies.md b/privateca/latest/userguide/auth-AwsManagedPolicies.md index b07b3e76a..88b0e75b6 100644 --- a//privateca/latest/userguide/auth-AwsManagedPolicies.md +++ b//privateca/latest/userguide/auth-AwsManagedPolicies.md @@ -187,0 +188,18 @@ Grant access to read-only API operations and permission to generate a CA audit r +Grants essential permissions for the AWS Private CA Connector for Kubernetes. + + + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "acm-pca:DescribeCertificateAuthority", + "acm-pca:GetCertificate", + "acm-pca:IssueCertificate" + ], + "Resource": "arn:aws:acm-pca:*:*:certificate-authority/*" + } + ] + } + @@ -193,0 +212 @@ Managed policy changes Change | Description | Date +New Policy: AWSPrivateCAConnectorForKubernetesPolicy | New mananged policy introduced for use with AWS Private CA Connector for Kubernetes. | May 19, 2025