AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2026-03-19 · Documentation low

File: eks/latest/best-practices/identity-and-access-management.md

Summary

Fixed ARN placeholders in example IAM policy to use actual ARN format

Security assessment

The change replaces placeholder ARN syntax (&region-arn;) with actual ARN format (arn:aws:). This is a documentation correction that improves clarity but doesn't address a security vulnerability or add new security documentation.

Diff

diff --git a/eks/latest/best-practices/identity-and-access-management.md b/eks/latest/best-practices/identity-and-access-management.md
index 5bfa2acf5..c8536a432 100644
--- a//eks/latest/best-practices/identity-and-access-management.md
+++ b//eks/latest/best-practices/identity-and-access-management.md
@@ -601 +601 @@ This example S3 Bucket policy only grants access to objects in the S3 bucket it
-                    "AWS": "&region-arn;iam::111122223333:root"
+                    "AWS": "arn:aws:iam::111122223333:root"
@@ -605 +605 @@ This example S3 Bucket policy only grants access to objects in the S3 bucket it
-                    "&region-arn;s3:::ExampleBucket/*"
+                    "arn:aws:s3:::ExampleBucket/*"
@@ -610 +610 @@ This example S3 Bucket policy only grants access to objects in the S3 bucket it
-                        "aws:PrincipalTag/eks-cluster-arn": "&region-arn;eks:us-west-2:111122223333:cluster/ProductionCluster",
+                        "aws:PrincipalTag/eks-cluster-arn": "arn:aws:eks:us-west-2:111122223333:cluster/ProductionCluster",