AWS Security ChangesHomeSearch

AWS eks documentation change

Service: eks · 2026-05-13 · Documentation low

File: eks/latest/userguide/auth-configmap.md

Summary

Restructured configuration example into bullet points for clarity

Security assessment

Change improves readability of IAM role/user mapping documentation but doesn't address security vulnerabilities or introduce new security features.

Diff

diff --git a/eks/latest/userguide/auth-configmap.md b/eks/latest/userguide/auth-configmap.md
index 98f6b9109..bf68e825c 100644
--- a//eks/latest/userguide/auth-configmap.md
+++ b//eks/latest/userguide/auth-configmap.md
@@ -268 +268 @@ The `{{SessionName}}` and `{{SessionNameRaw}}` values are user-controlled when a
-\+ . For example, the following YAML block contains: **A`mapRoles` section that maps the IAM node instance to Kubernetes groups so that nodes can register themselves with the cluster and the `my-console-viewer-role` IAM role that is mapped to a Kubernetes group that can view all Kubernetes resources for all clusters. For a list of the IAM and Kubernetes group permissions required for the `my-console-viewer-role` IAM role, see [Required permissions](./view-kubernetes-resources.html#view-kubernetes-resources-permissions). ** A `mapUsers` section that maps the `admin` IAM user from the default AWS account to the `system:masters` Kubernetes group and the `my-user` user from a different AWS account that is mapped to a Kubernetes group that can view Kubernetes resources for a specific namespace. For a list of the IAM and Kubernetes group permissions required for the `my-user` IAM user, see [Required permissions](./view-kubernetes-resources.html#view-kubernetes-resources-permissions).
+For example, the following YAML block contains:
@@ -270 +270 @@ The `{{SessionName}}` and `{{SessionNameRaw}}` values are user-controlled when a
-\+ Add or remove lines as necessary and replace all example values with your own values.
+  * A `mapRoles` section that maps the IAM node instance to Kubernetes groups so that nodes can register themselves with the cluster and the `my-console-viewer-role` IAM role that is mapped to a Kubernetes group that can view all Kubernetes resources for all clusters. For a list of the IAM and Kubernetes group permissions required for the `my-console-viewer-role` IAM role, see [Required permissions](./view-kubernetes-resources.html#view-kubernetes-resources-permissions).
@@ -272 +272,6 @@ The `{{SessionName}}` and `{{SessionNameRaw}}` values are user-controlled when a
-+
+  * A `mapUsers` section that maps the `admin` IAM user from the default AWS account to the `system:masters` Kubernetes group and the `my-user` user from a different AWS account that is mapped to a Kubernetes group that can view Kubernetes resources for a specific namespace. For a list of the IAM and Kubernetes group permissions required for the `my-user` IAM user, see [Required permissions](./view-kubernetes-resources.html#view-kubernetes-resources-permissions).
+
+
+
+
+Add or remove lines as necessary and replace all example values with your own values.