AWS aws-backup medium security documentation change
Summary
Added details about required IAM permissions for EBS restores, specifically mentioning the AWSBackupServiceRolePolicyForItemRestores managed policy
Security assessment
Explicitly documents required security permissions for restore operations, including references to IAM roles and managed policies
Diff
diff --git a/aws-backup/latest/devguide/restoring-ebs.md b/aws-backup/latest/devguide/restoring-ebs.md index 9a72c64ea..5430431e4 100644 --- a//aws-backup/latest/devguide/restoring-ebs.md +++ b//aws-backup/latest/devguide/restoring-ebs.md @@ -21 +21 @@ When you restore to a gateway volume, you will need to specify a gateway in a re -Prior to starting a restore job of EBS resources to an Amazon S3 bucket, review [EBS permissions](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSBackupServiceRolePolicyForRestores.html) and [Amazon S3 restore permissions](./restoring-s3.html#s3-restore-permissions) for access requirements. +Prior to starting a restore job of EBS resources to an Amazon S3 bucket, review [EBS permissions](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSBackupServiceRolePolicyForRestores.html) and [Amazon S3 restore permissions](./restoring-s3.html#s3-restore-permissions) for access requirements. The necessary permissions are contained in the managed policy [AWSBackupServiceRolePolicyForItemRestores](./security-iam-awsmanpol.html#AWSBackupServiceRolePolicyForItemRestores) and should be included in the [IAM role](./authentication.html) used for the restore operation.