AWS eks documentation change
Summary
Corrected IAM policy ARNs by removing invalid <shared> tags and using full arn:aws:iam paths.
Security assessment
Fixes documentation errors in IAM policy ARNs but does not alter security policies or address vulnerabilities. Incorrect ARNs could cause deployment failures but don't introduce security risks.
Diff
diff --git a/eks/latest/userguide/launch-node-bottlerocket.md b/eks/latest/userguide/launch-node-bottlerocket.md index 8810967ae..dee282cb0 100644 --- a//eks/latest/userguide/launch-node-bottlerocket.md +++ b//eks/latest/userguide/launch-node-bottlerocket.md @@ -76,4 +76,4 @@ To deploy a node group to AWS Outposts, AWS Wavelength, or AWS Local Zone subnet - - <shared id="region.arn"/>iam::aws:policy/AmazonEKSWorkerNodePolicy - - <shared id="region.arn"/>iam::aws:policy/AmazonEC2ContainerRegistryReadOnly - - <shared id="region.arn"/>iam::aws:policy/AmazonSSMManagedInstanceCore - - <shared id="region.arn"/>iam::aws:policy/AmazonEKS_CNI_Policy + - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy + - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly + - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore + - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy