AWS eks documentation change
Summary
Removed section about Pod Security Policy (PSP) configuration requirements
Security assessment
While PSPs are security-related, this change removes deprecated configuration guidance rather than addressing an active security issue or adding new security documentation.
Diff
diff --git a/eks/latest/userguide/security-groups-for-pods.md b/eks/latest/userguide/security-groups-for-pods.md index 6e93a7ef8..ec747ff22 100644 --- a//eks/latest/userguide/security-groups-for-pods.md +++ b//eks/latest/userguide/security-groups-for-pods.md @@ -42,13 +41,0 @@ Before deploying security groups for Pods, consider the following limitations an - * If you’re also using Pod security policies to restrict access to Pod mutation, then the `eks:vpc-resource-controller` Kubernetes user must be specified in the Kubernetes `ClusterRoleBinding` for the `role` that your `psp` is assigned to. If you’re using the default Amazon EKS `psp`, `role`, and `ClusterRoleBinding`, this is the `eks:podsecuritypolicy:authenticated` `ClusterRoleBinding`. For example, you add the user to the `subjects:` section, as shown in the following example: - - [...] - subjects: - - kind: Group - apiGroup: rbac.authorization.k8s.io - name: system:authenticated - - apiGroup: rbac.authorization.k8s.io - kind: User - name: eks:vpc-resource-controller - - kind: ServiceAccount - name: eks-vpc-resource-controller -