AWS eks documentation change
Summary
Added RBAC permissions for creating, updating, and escalating Kubernetes roles and clusterroles to the required permissions table.
Security assessment
This change documents required Kubernetes RBAC permissions for cluster operations. While it relates to security controls, there is no evidence of addressing a specific vulnerability or incident. It enhances documentation of existing security features.
Diff
diff --git a/eks/latest/userguide/access-policy-permissions.md b/eks/latest/userguide/access-policy-permissions.md index c7e537542..48a937e36 100644 --- a//eks/latest/userguide/access-policy-permissions.md +++ b//eks/latest/userguide/access-policy-permissions.md @@ -542,0 +543 @@ Kubernetes API groups | Kubernetes resources | Kubernetes verbs (permissions) +`rbac.authorization.k8s.io` | `roles`, `clusterroles` | `create`, `update`, `escalate`