AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2026-01-25 · Documentation low

File: eks/latest/userguide/launch-node-ubuntu.md

Summary

Fixed IAM policy ARNs by replacing <shared> tags with valid arn:aws:iam paths for Ubuntu node groups.

Security assessment

Corrects invalid ARN syntax in example policies. No security implications as the policies themselves remain unchanged and no vulnerabilities are addressed.

Diff

diff --git a/eks/latest/userguide/launch-node-ubuntu.md b/eks/latest/userguide/launch-node-ubuntu.md
index 1dffb00f6..68d83b8fa 100644
--- a//eks/latest/userguide/launch-node-ubuntu.md
+++ b//eks/latest/userguide/launch-node-ubuntu.md
@@ -63,4 +63,4 @@ To deploy a node group to AWS Outposts, AWS Wavelength, or AWS Local Zone subnet
-              - <shared id="region.arn"/>iam::aws:policy/AmazonEKSWorkerNodePolicy
-              - <shared id="region.arn"/>iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
-              - <shared id="region.arn"/>iam::aws:policy/AmazonSSMManagedInstanceCore
-              - <shared id="region.arn"/>iam::aws:policy/AmazonEKS_CNI_Policy
+              - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
+              - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
+              - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
+              - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy