diff --git a/bin/playground-helpers.sh b/bin/playground-helpers.sh
index 3c7fd9b..d756ee4 100755
--- a/bin/playground-helpers.sh
+++ b/bin/playground-helpers.sh
@@ -446,7 +446,7 @@ function get_config() {
     [[ "${vision_one_region}" = "null" || "${vision_one_region}" = "" ]] && vision_one_region="us-east-1"
     [[ "${vision_one_cs_enabled}" = "null" || "${vision_one_cs_enabled}" = "" ]] && vision_one_cs_enabled=false
     [[ "${vision_one_cs_policy}" = "null" || "${vision_one_cs_policy}" = "" ]] && vision_one_cs_policy="LogOnlyPolicy"
-    [[ "${vision_one_cs_group_id}" = "null" || "${vision_one_cs_group_id}" = "" ]] && vision_one_cs_group_id="00000000-0000-0000-0000-000000000000"
+    [[ "${vision_one_cs_group_id}" = "null" || "${vision_one_cs_group_id}" = "" ]] && vision_one_cs_group_id="00000000-0000-0000-0000-000000000001"
     [[ "${vision_one_asrm_create_attackpath}" = "null" || "${vision_one_asrm_create_attackpath}" = "" ]] && vision_one_asrm_create_attackpath=false
     vision_one_map_api_url ${vision_one_region}
 
diff --git a/container/.PGO_VERSION b/container/.PGO_VERSION
index 2b7c5ae..17b2ccd 100644
--- a/container/.PGO_VERSION
+++ b/container/.PGO_VERSION
@@ -1 +1 @@
-0.4.2
+0.4.3
diff --git a/docs/getting-started/configuration.md b/docs/getting-started/configuration.md
index 6a285ba..ebb58ac 100644
--- a/docs/getting-started/configuration.md
+++ b/docs/getting-started/configuration.md
@@ -83,6 +83,15 @@ Examples:
 > 
 > `az account list | jq -r '.[] | [.name, .id] | @tsv'`
 
+If you intent to use the Playground One user on AWS run the following commands now:
+
+```sh
+pgo --init user
+pgo --apply user
+```
+
+This will create a user account in AWS with the necessary permissions only. The credetials are automatically set in the `config.yaml`.
+
 After bootstrapping you need to configure Playground One. To simplify the process use the built in configuration tool. An eventually already existing `config.yaml` will be saved as `config.yaml.bak`. Run
 
 ```sh
diff --git a/docs/getting-started/prepare.md b/docs/getting-started/prepare.md
index 9e85f07..a12ec2a 100644
--- a/docs/getting-started/prepare.md
+++ b/docs/getting-started/prepare.md
@@ -90,6 +90,11 @@ Eventually authenticate to AWS and/or Azure by either running
 ```sh
 # Not required when using Cloud9
 aws configure
+
+# Verify
+aws s3 ls
+
+# Should return a list of available S3 buckets
 ```
 
 and/or
diff --git a/docs/index.md b/docs/index.md
index 2a4567c..6845fb0 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -112,6 +112,14 @@ Vulnerabilities | grype | See [github.com/anchore/grype](https://github.com/anch
 
 ## Change Log
 
+***0.4.3***
+
+*Fixes*
+
+- Fix `pgoc` on arm64
+- Update documentation for PGO user initial setup
+- Update default `group_id` for Container Security on EKS clusters
+
 ***0.4.2***
 
 *Changes*