AWS aws-backup medium security documentation change
Summary
Removed explicit reference to AWSBackupServiceRolePolicyForItemRestores managed policy and IAM role requirements for restores
Security assessment
The removed content specified critical IAM permissions required for secure restore operations. Omitting this guidance could lead to misconfigured roles and unauthorized access during restores.
Diff
diff --git a/aws-backup/latest/devguide/restoring-ebs.md b/aws-backup/latest/devguide/restoring-ebs.md index 5430431e4..9a72c64ea 100644 --- a//aws-backup/latest/devguide/restoring-ebs.md +++ b//aws-backup/latest/devguide/restoring-ebs.md @@ -21 +21 @@ When you restore to a gateway volume, you will need to specify a gateway in a re -Prior to starting a restore job of EBS resources to an Amazon S3 bucket, review [EBS permissions](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSBackupServiceRolePolicyForRestores.html) and [Amazon S3 restore permissions](./restoring-s3.html#s3-restore-permissions) for access requirements. The necessary permissions are contained in the managed policy [AWSBackupServiceRolePolicyForItemRestores](./security-iam-awsmanpol.html#AWSBackupServiceRolePolicyForItemRestores) and should be included in the [IAM role](./authentication.html) used for the restore operation. +Prior to starting a restore job of EBS resources to an Amazon S3 bucket, review [EBS permissions](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AWSBackupServiceRolePolicyForRestores.html) and [Amazon S3 restore permissions](./restoring-s3.html#s3-restore-permissions) for access requirements.