AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2025-08-10 · Documentation medium

File: eks/latest/userguide/create-node-class.md

Summary

Added 'associatePublicIPAddress' configuration option (default false) and corrected 'uses' to 'uses' in volume encryption description.

Security assessment

The 'associatePublicIPAddress' parameter addition helps prevent accidental exposure of nodes to public internet, improving security posture. However, there's no evidence this addresses a specific known vulnerability. The typo fix has no security impact.

Diff

diff --git a/eks/latest/userguide/create-node-class.md b/eks/latest/userguide/create-node-class.md
index 600b7df71..a251d6d50 100644
--- a//eks/latest/userguide/create-node-class.md
+++ b//eks/latest/userguide/create-node-class.md
@@ -176,0 +177,5 @@ For information about deploying CloudFormation stacks, see [Getting started with
+      advancedNetworking:
+        # Optional: Controls whether public IP addresses are assigned to instances that are launched with the nodeclass.
+        # If not set, defaults to the MapPublicIpOnLaunch setting on the subnet.
+        associatePublicIPAddress: false
+    
@@ -179 +183,0 @@ For information about deploying CloudFormation stacks, see [Getting started with
-      advancedNetworking:
@@ -214 +218 @@ For information about deploying CloudFormation stacks, see [Getting started with
-  * **Volume Encryption** \- EKS users the configued custom KMS key to encrypt the read-only root volume of the instance and the read/write data volume.
+  * **Volume Encryption** \- EKS uses the configured custom KMS key to encrypt the read-only root volume of the instance and the read/write data volume.