AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2026-01-16 · Documentation low

File: eks/latest/best-practices/pod-security.md

Summary

Updated URL from markdown link syntax to plain URL format for Linux capabilities documentation

Security assessment

The change is purely presentational, converting a markdown link to a plain text URL. The security content about container privileges and capabilities remains unchanged, with no indication of addressing a vulnerability or modifying security guidance.

Diff

diff --git a/eks/latest/best-practices/pod-security.md b/eks/latest/best-practices/pod-security.md
index d7cac6901..207971afe 100644
--- a//eks/latest/best-practices/pod-security.md
+++ b//eks/latest/best-practices/pod-security.md
@@ -13 +13 @@ The pod specification includes a variety of different attributes that can streng
-The processes that run within a container run under the context of the [Linux] root user by default. Although the actions of root within a container are partially constrained by the set of Linux capabilities that the container runtime assigns to the containers, these default privileges could allow an attacker to escalate their privileges and/or gain access to sensitive information bound to the host, including Secrets and ConfigMaps. Below is a list of the default capabilities assigned to containers. For additional information about each capability, see [http://man7.org/linux/man-pages/man7/capabilities.7.html](http://man7.org/linux/man-pages/man7/capabilities.7.html).
+The processes that run within a container run under the context of the [Linux] root user by default. Although the actions of root within a container are partially constrained by the set of Linux capabilities that the container runtime assigns to the containers, these default privileges could allow an attacker to escalate their privileges and/or gain access to sensitive information bound to the host, including Secrets and ConfigMaps. Below is a list of the default capabilities assigned to containers. For additional information about each capability, see http://man7.org/linux/man-pages/man7/capabilities.7.html.