AWS pcs documentation change
Summary
Added option to let AWS PCS create a basic IAM instance profile with minimum policy for compute node groups
Security assessment
Simplifies secure IAM configuration but does not address a specific security flaw. Focuses on improving security posture through automation.
Diff
diff --git a/pcs/latest/userguide/working-with_cng_create.md b/pcs/latest/userguide/working-with_cng_create.md index e48a7f392..5fb67853e 100644 --- a//pcs/latest/userguide/working-with_cng_create.md +++ b//pcs/latest/userguide/working-with_cng_create.md @@ -53 +53 @@ AWS PCS creates a managed launch template for each compute node group. These are - 4. **IAM instance profile** – Choose an instance profile for the node group. An instance profile grants the instance permissions to access AWS resources and services securely. If you don't have one prepared, see [IAM instance profiles for AWS Parallel Computing Service](./security-instance-profiles.html) to learn how to create one. + 4. **IAM instance profile** – Choose an instance profile for the node group. An instance profile grants the instance permissions to access AWS resources and services securely. If you don't have one prepared, you can select **Create a basic profile** to have AWS PCS create one for you with the minimum policy, or see [IAM instance profiles for AWS Parallel Computing Service](./security-instance-profiles.html).