AWS eks documentation change
Summary
Removed hyperlink formatting from a security group tag reference.
Security assessment
The change only removes Markdown link syntax around 'kubernetes.io/cluster/$name' without altering the security guidance. The content still describes the same security group tagging best practice. No security vulnerability is addressed or introduced.
Diff
diff --git a/eks/latest/best-practices/sgpp.md b/eks/latest/best-practices/sgpp.md index 5c59b730a..5648c494f 100644 --- a//eks/latest/best-practices/sgpp.md +++ b//eks/latest/best-practices/sgpp.md @@ -104 +104 @@ Amazon EKS allows you to use network policy engines such as [Calico](https://pro -When many security groups are allocated to a Pod, Amazon EKS recommends tagging a single security group with [`kubernetes.io/cluster/$name`](http://kubernetes.io/cluster/$name) shared or owned. The tag allows the AWS Loadbalancer Controller to update the rules of security groups to route traffic to the Pods. If just one security group is given to a Pod, the assignment of a tag is optional. Permissions set in a security group are additive, therefore tagging a single security group is sufficient for the loadbalancer controller to locate and reconcile the rules. It also helps to adhere to the [default quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-security-groups) defined by security groups. +When many security groups are allocated to a Pod, Amazon EKS recommends tagging a single security group with `kubernetes.io/cluster/$name` shared or owned. The tag allows the AWS Loadbalancer Controller to update the rules of security groups to route traffic to the Pods. If just one security group is given to a Pod, the assignment of a tag is optional. Permissions set in a security group are additive, therefore tagging a single security group is sufficient for the loadbalancer controller to locate and reconcile the rules. It also helps to adhere to the [default quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-security-groups) defined by security groups.