AWS eks documentation change
Summary
Enhanced CloudTrail troubleshooting instructions with specific steps to enable error code visibility and filter permission-related errors
Security assessment
Adds detailed guidance for identifying security-related IAM errors (AccessDenied, UnauthorizedOperation) through CloudTrail monitoring. Improves security posture by helping detect misconfigurations but doesn't address a specific vulnerability.
Diff
diff --git a/eks/latest/userguide/auto-troubleshoot.md b/eks/latest/userguide/auto-troubleshoot.md index 5e71da690..0c3b71e3b 100644 --- a//eks/latest/userguide/auto-troubleshoot.md +++ b//eks/latest/userguide/auto-troubleshoot.md @@ -175 +175 @@ For more information, see [Managed resource visibility settings](https://docs.aw - 1. Navigate to CloudTrail console + 1. Navigate to the CloudTrail console. @@ -177 +177 @@ For more information, see [Managed resource visibility settings](https://docs.aw - 2. Select "Event History" from the left navigation pane + 2. Select **Event history** from the left navigation pane. @@ -179 +179 @@ For more information, see [Managed resource visibility settings](https://docs.aw - 3. Apply error code filters: + 3. Choose the settings (gear) icon in the top right of the Event history table and enable the **Error code** column. @@ -181 +181 @@ For more information, see [Managed resource visibility settings](https://docs.aw - * AccessDenied + 4. Review the **Error code** column for permission-related errors such as `AccessDenied`, `UnauthorizedOperation`, and `InvalidClientTokenId`. To narrow the list, filter by **Event source** (for example, `ec2.amazonaws.com` or `eks.amazonaws.com`) and a time range. @@ -183,3 +182,0 @@ For more information, see [Managed resource visibility settings](https://docs.aw - * UnauthorizedOperation - - * InvalidClientTokenId @@ -188,0 +186 @@ For more information, see [Managed resource visibility settings](https://docs.aw +For more precise filtering by error code across a larger time window, query a CloudTrail Lake event data store or create an Athena table (the **Query in Lake** and **Create Athena table** options at the top of the Event history page).