AWS eks high security documentation change
Summary
Fixed KMS ViaService endpoint and root ARN reference
Security assessment
Explicit KMS service endpoint restriction prevents key misuse in other regions/services. Adds security best practice documentation for encryption configuration.
Diff
diff --git a/eks/latest/userguide/create-storage-class.md b/eks/latest/userguide/create-storage-class.md index 74ae259a8..f84660973 100644 --- a//eks/latest/userguide/create-storage-class.md +++ b//eks/latest/userguide/create-storage-class.md @@ -102 +102 @@ Update the following values in the policy below: - "AWS": "®ion-arn;iam::123456789012:root" + "AWS": "arn:aws:iam::123456789012:root" @@ -125 +125 @@ Update the following values in the policy below: - "kms:ViaService": "ec2.®ion_api_default;.amazonaws.com" + "kms:ViaService": "ec2.us-east-1.amazonaws.com"