AWS Security ChangesHomeSearch

AWS rtb-fabric documentation change

Service: rtb-fabric · 2025-12-10 · Documentation low

File: rtb-fabric/latest/userguide/managed-endpoints.md

Summary

Added ec2:DescribeSubnets permission and updated IAM policy example

Security assessment

Routine permission expansion without security context. No vulnerability fixes or security features documented. Broadens IAM permissions but no evidence of security issue.

Diff

diff --git a/rtb-fabric/latest/userguide/managed-endpoints.md b/rtb-fabric/latest/userguide/managed-endpoints.md
index fb3d3d270..288b8f980 100644
--- a//rtb-fabric/latest/userguide/managed-endpoints.md
+++ b//rtb-fabric/latest/userguide/managed-endpoints.md
@@ -46,0 +47,2 @@ For Auto Scaling group managed endpoints, the IAM role must include the followin
+  * `ec2:DescribeSubnets`
+
@@ -110 +112 @@ The role must also allow the following permissions in its permissions policies:
-                "Sid": "EksEndpointsIpDiscovery",
+                "Sid": "AsgEndpointsIpDiscovery",
@@ -116 +118,2 @@ The role must also allow the following permissions in its permissions policies:
-                    "ec2:DescribeAvailabilityZones"
+                    "ec2:DescribeAvailabilityZones",
+                    "ec2:DescribeSubnets"
@@ -118,6 +121 @@ The role must also allow the following permissions in its permissions policies:
-                "Resource": "*",
-                "Condition": {
-                    "StringEquals": {
-                        "ec2:Region": "us-east-1"
-                    }
-                }
+                "Resource": "*"