AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2025-08-22 · Documentation low

File: eks/latest/userguide/configure-sts-endpoint.md

Summary

Removed version-specific table and simplified documentation about configuring AWS STS endpoint types for service accounts.

Security assessment

The change removes version compatibility details but does not address a specific security vulnerability. While configuring STS endpoints (e.g., regional endpoints) is a security best practice, the modification focuses on simplifying documentation rather than introducing or clarifying security features.

Diff

diff --git a/eks/latest/userguide/configure-sts-endpoint.md b/eks/latest/userguide/configure-sts-endpoint.md
index b449afd11..4eaf99a75 100644
--- a//eks/latest/userguide/configure-sts-endpoint.md
+++ b//eks/latest/userguide/configure-sts-endpoint.md
@@ -11,10 +11 @@ To contribute to this user guide, choose the **Edit this page on GitHub** link t
-If you’re using a Kubernetes service account with [IAM roles for service accounts](./iam-roles-for-service-accounts.html), then you can configure the type of AWS Security Token Service endpoint that’s used by the service account if your cluster and platform version are the same or later than those listed in the following table. If your Kubernetes or platform version are earlier than those listed in the table, then your service accounts can only use the global endpoint.
-
-Kubernetes version | Platform version | Default endpoint type  
----|---|---  
-`1.31` |  `eks.4` |  Regional  
-`1.30` |  `eks.2` |  Regional  
-`1.29` |  `eks.1` |  Regional  
-`1.28` |  `eks.1` |  Regional  
-`1.27` |  `eks.1` |  Regional  
-`1.26` |  `eks.1` |  Regional  
+If you’re using a Kubernetes service account with [IAM roles for service accounts](./iam-roles-for-service-accounts.html), then you can configure the type of AWS Security Token Service endpoint that’s used by the service account.