AWS eks documentation change
Summary
Fixed IAM policy ARNs by replacing <shared> tags with valid arn:aws:iam paths for Ubuntu node groups.
Security assessment
Corrects invalid ARN syntax in example policies. No security implications as the policies themselves remain unchanged and no vulnerabilities are addressed.
Diff
diff --git a/eks/latest/userguide/launch-node-ubuntu.md b/eks/latest/userguide/launch-node-ubuntu.md index 1dffb00f6..68d83b8fa 100644 --- a//eks/latest/userguide/launch-node-ubuntu.md +++ b//eks/latest/userguide/launch-node-ubuntu.md @@ -63,4 +63,4 @@ To deploy a node group to AWS Outposts, AWS Wavelength, or AWS Local Zone subnet - - <shared id="region.arn"/>iam::aws:policy/AmazonEKSWorkerNodePolicy - - <shared id="region.arn"/>iam::aws:policy/AmazonEC2ContainerRegistryReadOnly - - <shared id="region.arn"/>iam::aws:policy/AmazonSSMManagedInstanceCore - - <shared id="region.arn"/>iam::aws:policy/AmazonEKS_CNI_Policy + - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy + - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly + - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore + - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy