AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2026-01-16 · Documentation low

File: eks/latest/userguide/capabilities-troubleshooting.md

Summary

Updated CLI command formatting and added placeholders for user-specific values

Security assessment

Changes involve adding <replaceable> tags to commands and fixing command syntax. This improves documentation clarity but doesn't address security vulnerabilities or introduce security-related content. The permission checks mentioned are standard troubleshooting steps.

Diff

diff --git a/eks/latest/userguide/capabilities-troubleshooting.md b/eks/latest/userguide/capabilities-troubleshooting.md
index 94833f051..5b53e6288 100644
--- a//eks/latest/userguide/capabilities-troubleshooting.md
+++ b//eks/latest/userguide/capabilities-troubleshooting.md
@@ -40 +40 @@ All EKS Capabilities provide health information through the EKS console and the
-  1. Open the Amazon EKS console at [https://console.aws.amazon.com/eks/home#/clusters](https://console.aws.amazon.com/eks/home#/clusters).
+  1. Open the Amazon EKS console at https://console.aws.amazon.com/eks/home#/clusters.
@@ -108 +108 @@ EKS Capabilities create and manage Kubernetes Custom Resource Definitions (CRDs)
-    kubectl get resource-kind -A
+    kubectl get <replaceable>resource-kind</replaceable> -A
@@ -111,2 +111 @@ EKS Capabilities create and manage Kubernetes Custom Resource Definitions (CRDs)
-    kubectl describe resource-kind
-             resource-name -n namespace
+    kubectl describe <replaceable>resource-kind</replaceable> <replaceable>resource-name</replaceable> -n <replaceable>namespace</replaceable>
@@ -115,2 +114 @@ EKS Capabilities create and manage Kubernetes Custom Resource Definitions (CRDs)
-    kubectl get resource-kind
-             resource-name -n namespace -o jsonpath='{.status.conditions}'
+    kubectl get <replaceable>resource-kind</replaceable> <replaceable>resource-name</replaceable> -n <replaceable>namespace</replaceable> -o jsonpath='{.status.conditions}'
@@ -119,2 +117 @@ EKS Capabilities create and manage Kubernetes Custom Resource Definitions (CRDs)
-    kubectl get events --field-selector involvedObject.name=resource-name -n namespace
-          
+    kubectl get events --field-selector involvedObject.name=<replaceable>resource-name</replaceable> -n <replaceable>namespace</replaceable>
@@ -143 +140 @@ Verify the Capability Role has the necessary permissions:
-    aws iam list-attached-role-policies --role-name my-capability-role
+    aws iam list-attached-role-policies --role-name <replaceable>my-capability-role</replaceable>
@@ -146 +143 @@ Verify the Capability Role has the necessary permissions:
-    aws iam list-role-policies --role-name my-capability-role
+    aws iam list-role-policies --role-name <replaceable>my-capability-role</replaceable>
@@ -149 +146 @@ Verify the Capability Role has the necessary permissions:
-    aws iam get-role-policy --role-name my-capability-role --policy-name policy-name
+    aws iam get-role-policy --role-name <replaceable>my-capability-role</replaceable> --policy-name <replaceable>policy-name</replaceable>
@@ -152 +149 @@ Verify the Capability Role has the necessary permissions:
-    aws iam get-role --role-name my-capability-role --query 'Role.AssumeRolePolicyDocument'
+    aws iam get-role --role-name <replaceable>my-capability-role</replaceable> --query 'Role.AssumeRolePolicyDocument'
@@ -178,3 +175,2 @@ All capabilities require proper EKS Access Entries and Access Policies on the cl
-      --cluster-name my-cluster \
-      --region region-code
-             
+      --cluster-name <replaceable>my-cluster</replaceable> \
+      --region <replaceable>region-code</replaceable>
@@ -188,4 +184,3 @@ Look for the Capability Role ARN in the list. If missing, the capability cannot
-      --cluster-name my-cluster \
-      --principal-arn arn:aws:iam::111122223333:role/my-capability-role \
-      --region region-code
-             
+      --cluster-name <replaceable>my-cluster</replaceable> \
+      --principal-arn <replaceable>arn:aws:iam::111122223333:role/my-capability-role</replaceable> \
+      --region <replaceable>region-code</replaceable>
@@ -211,4 +206,3 @@ If deploying to remote clusters, verify the Capability Role has an Access Entry
-      --cluster-name target-cluster \
-      --principal-arn arn:aws:iam::111122223333:role/argocd-capability-role \
-      --region region-code
-             
+      --cluster-name <replaceable>target-cluster</replaceable> \
+      --principal-arn <replaceable>arn:aws:iam::111122223333:role/argocd-capability-role</replaceable> \
+      --region <replaceable>region-code</replaceable>