AWS resilience-hub high security documentation change
Summary
Removed AssumeRole policy examples
Security assessment
Deleted cross-account access policies critical for EKS integration security
Diff
diff --git a/resilience-hub/latest/userguide/grant-permissions-to-eks-in-arh.md b/resilience-hub/latest/userguide/grant-permissions-to-eks-in-arh.md index b009845b8..5b0ae5773 100644 --- a//resilience-hub/latest/userguide/grant-permissions-to-eks-in-arh.md +++ b//resilience-hub/latest/userguide/grant-permissions-to-eks-in-arh.md @@ -25,13 +24,0 @@ The `caller_IAM_role` is the role that is associated with your AWS user account. - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "AWS": "arn:aws:iam::eks_cluster_account_id:role/caller_IAM_role" - }, - "Action": "sts:AssumeRole" - } - ] - } - @@ -44,13 +30,0 @@ As a prerequisite, to access Amazon EKS cluster that is deployed in a different - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "AWS": "arn:aws:iam::eks_cluster_account_id:role/AwsResilienceHubExecutorRole" - }, - "Action": "sts:AssumeRole" - } - ] - } -