AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2026-01-16 · Documentation low

File: eks/latest/userguide/cross-account-access.md

Summary

Replaced hardcoded ARNs with '<shared id="region.arn"/>' placeholder in role annotations and configuration examples

Security assessment

Changes standardize ARN documentation format without modifying cross-account security practices or addressing vulnerabilities.

Diff

diff --git a/eks/latest/userguide/cross-account-access.md b/eks/latest/userguide/cross-account-access.md
index 16f38b837..050655395 100644
--- a//eks/latest/userguide/cross-account-access.md
+++ b//eks/latest/userguide/cross-account-access.md
@@ -22 +22 @@ In this example, Account A provides Account B with the OpenID Connect (OIDC) iss
-        eks.amazonaws.com/role-arn: arn:aws:iam::444455556666:role/account-b-role
+        eks.amazonaws.com/role-arn: <shared id="region.arn"/>iam::444455556666:role/account-b-role
@@ -83 +83 @@ The application code for Pods to assume Account B’s role uses two profiles: `a
-    role_arn=arn:aws:iam::444455556666:role/account-b-role
+    role_arn=<shared id="region.arn"/>iam::444455556666:role/account-b-role
@@ -87 +87 @@ The application code for Pods to assume Account B’s role uses two profiles: `a
-    role_arn=arn:aws:iam::111122223333:role/account-a-role
+    role_arn=<shared id="region.arn"/>iam::111122223333:role/account-a-role