AWS pcs documentation change
Summary
Added ec2:DescribeCapacityBlocks and ec2:DescribeCapacityBlockStatus permissions requirements
Security assessment
Expands IAM permission requirements for operational purposes. No evidence of security vulnerability being addressed. Standard permission update.
Diff
diff --git a/pcs/latest/userguide/capacity-blocks-configure-cng.md b/pcs/latest/userguide/capacity-blocks-configure-cng.md index 5a2930238..c223df2e7 100644 --- a//pcs/latest/userguide/capacity-blocks-configure-cng.md +++ b//pcs/latest/userguide/capacity-blocks-configure-cng.md @@ -25 +25 @@ When you create or update the compute node group: - * The IAM identity you use to create or update the compute node group must have the following permission: + * The IAM identity you use to create or update the compute node group must have the following permissions: @@ -27,0 +28,2 @@ When you create or update the compute node group: + ec2:DescribeCapacityBlocks + ec2:DescribeCapacityBlockStatus