AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2026-01-16 · Documentation low

File: eks/latest/userguide/security-iam-troubleshoot.md

Summary

Updated ARN formatting in error examples and fixed STS endpoint URL syntax

Security assessment

The changes normalize ARN format placeholders and fix a URL formatting issue. No security vulnerabilities or security feature additions are addressed.

Diff

diff --git a/eks/latest/userguide/security-iam-troubleshoot.md b/eks/latest/userguide/security-iam-troubleshoot.md
index cf417f935..a4bd66499 100644
--- a//eks/latest/userguide/security-iam-troubleshoot.md
+++ b//eks/latest/userguide/security-iam-troubleshoot.md
@@ -21,2 +21,2 @@ If you receive an `AccessDeniedException` when calling an AWS API operation, the
-    User: arn:aws:iam::111122223333:user/user_name is not authorized to perform:
-    eks:DescribeCluster on resource: arn:aws:eks:region:111122223333:cluster/my-cluster
+    User: <shared id="region.arn"/>iam::111122223333:user/user_name is not authorized to perform:
+    eks:DescribeCluster on resource: <shared id="region.arn"/>eks:region:111122223333:cluster/my-cluster
@@ -72 +72 @@ To learn more, consult the following:
-Your containers receive this error if your application is explicitly making requests to the AWS STS global endpoint (` [https://sts.amazonaws](https://sts.amazonaws) `) and your Kubernetes service account is configured to use a regional endpoint. You can resolve the issue with one of the following options:
+Your containers receive this error if your application is explicitly making requests to the AWS STS global endpoint (`https://sts.amazonaws`) and your Kubernetes service account is configured to use a regional endpoint. You can resolve the issue with one of the following options:
@@ -76 +76 @@ Your containers receive this error if your application is explicitly making requ
-  * Update your application code to make explicit calls to regional endpoints such as ` [https://sts.us-west-2.amazonaws.com](https://sts.us-west-2.amazonaws.com) `. Your application should have redundancy built in to pick a different AWS Region in the event of a failure of the service in the AWS Region. For more information, see [Managing AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.
+  * Update your application code to make explicit calls to regional endpoints such as `https://sts.us-west-2.amazonaws.com`. Your application should have redundancy built in to pick a different AWS Region in the event of a failure of the service in the AWS Region. For more information, see [Managing AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.