AWS Security ChangesHomeSearch

AWS sap high security documentation change

Service: sap · 2025-04-25 · Security-related high

File: sap/latest/sap-hana/aws-backint-agent-signature.md

Summary

Restructured documentation with clearer headings for signature verification process, updated public key name formatting, and minor typo fixes

Security assessment

The changes emphasize proper signature verification procedures for the AWS Backint Agent, including explicit warnings about not installing the agent if fingerprint verification fails. This directly addresses software integrity validation to prevent installation of tampered packages, which is a security-critical process.

Diff

diff --git a/sap/latest/sap-hana/aws-backint-agent-signature.md b/sap/latest/sap-hana/aws-backint-agent-signature.md
index be4b86a6c..b221fae53 100644
--- a//sap/latest/sap-hana/aws-backint-agent-signature.md
+++ b//sap/latest/sap-hana/aws-backint-agent-signature.md
@@ -4,0 +5,2 @@
+Verify the signature
+
@@ -9 +11,3 @@ The source file of AWS Backint agent (`aws-backint-agent.tar.gz`) and AWS Backin
-###### Automatic signature verification
+## Verify the signature
+
+**Automatic signature verification**
@@ -13 +17 @@ To enable automatic signature verification during agent installation, see the pa
-###### To verify the AWS Backint agent package on a Linux server
+**To verify the AWS Backint agent package on a Linux server**
@@ -28 +32 @@ To enable automatic signature verification during agent installation, see the pa
-    gpg: key 1E65925B: public key "AWS Backint Agent" imported
+    gpg: key 1E65925B: public key "{aws} Backint Agent" imported
@@ -45 +49 @@ The fingerprint should be equal to the following:
-If the fingerprint string doesn't match, don't install the agent. Contact Amazon Web Services.
+If the fingerprint string doesn’t match, don’t install the agent. Contact Amazon Web Services.
@@ -85 +89 @@ If the output includes the phrase `BAD signature`, check whether you performed t
-A key is trusted only if you or someone you trust has signed it. If you receive a warning about trust, this doesn't mean that the signature is invalid. Instead, it means that you have not verified the public key.
+A key is trusted only if you or someone you trust has signed it. If you receive a warning about trust, this doesn’t mean that the signature is invalid. Instead, it means that you have not verified the public key.