AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2026-01-25 · Documentation low

File: eks/latest/userguide/workloads-add-ons-available-vendors.md

Summary

Fixed IAM policy ARN strings in vendor add-on setup commands by replacing invalid syntax with proper ARN formats

Security assessment

The updates correct documentation errors in policy ARNs but show no evidence of addressing a security vulnerability. The changes ensure accurate IAM role configuration for vendor add-ons, reducing potential misconfiguration risks. No security incident or vulnerability is referenced.

Diff

diff --git a/eks/latest/userguide/workloads-add-ons-available-vendors.md b/eks/latest/userguide/workloads-add-ons-available-vendors.md
index 9089ae1ba..d611c2cb0 100644
--- a//eks/latest/userguide/workloads-add-ons-available-vendors.md
+++ b//eks/latest/userguide/workloads-add-ons-available-vendors.md
@@ -71 +71 @@ The following command requires that you have an IAM OpenID Connect (OIDC) provid
-        --role-only --attach-policy-arn shared id="region.arn"/iam::aws:policy/AWSMarketplaceMeteringRegisterUsage --approve
+        --role-only --attach-policy-arn arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage --approve
@@ -183 +183 @@ The following command requires that you have an IAM OpenID Connect (OIDC) provid
-        --role-only --attach-policy-arn shared id="region.arn"/iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy --approve
+        --role-only --attach-policy-arn arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy --approve
@@ -302 +302 @@ The following command requires that you have an IAM OpenID Connect (OIDC) provid
-        --role-only --attach-policy-arn shared id="region.arn"/iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy --approve
+        --role-only --attach-policy-arn arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy --approve
@@ -328 +328 @@ The following command requires that you have an IAM OpenID Connect (OIDC) provid
-        --role-only --attach-policy-arn shared id="region.arn"/iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy --approve
+        --role-only --attach-policy-arn arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy --approve
@@ -376 +376 @@ The following command requires that you have an IAM OpenID Connect (OIDC) provid
-        --role-only --attach-policy-arn shared id="region.arn"/iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy --approve
+        --role-only --attach-policy-arn arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy --approve