AWS Security ChangesHomeSearch

AWS eks high security documentation change

Service: eks · 2026-03-16 · Security-related high

File: eks/latest/userguide/efs-csi.md

Summary

Fixed OIDC provider ARN and condition keys

Security assessment

Accurate OIDC provider configuration prevents unauthorized service account role assumption. Critical for maintaining least privilege access.

Diff

diff --git a/eks/latest/userguide/efs-csi.md b/eks/latest/userguide/efs-csi.md
index 5d76e2a74..7afea5ba8 100644
--- a//eks/latest/userguide/efs-csi.md
+++ b//eks/latest/userguide/efs-csi.md
@@ -272 +272 @@ If the output from the command is `None`, review the **Prerequisites**.
-                "Federated": "&region-arn;iam::123456789012:oidc-provider/oidc.eks.&region_api_default;.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE"
+                "Federated": "arn:aws:iam::123456789012:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE"
@@ -277,2 +277,2 @@ If the output from the command is `None`, review the **Prerequisites**.
-                  "oidc.eks.&region_api_default;.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE:sub": "system:serviceaccount:kube-system:efs-csi-*",
-                  "oidc.eks.&region_api_default;.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE:aud": "sts.amazonaws.com"
+                  "oidc.eks.us-east-1.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE:sub": "system:serviceaccount:kube-system:efs-csi-*",
+                  "oidc.eks.us-east-1.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE:aud": "sts.amazonaws.com"