AWS Security ChangesHomeSearch

AWS aws-backup documentation change

Service: aws-backup · 2025-05-10 · Documentation low

File: aws-backup/latest/devguide/access-control.md

Summary

Removed a footnote explaining specific conditions requiring the `backup:TagResource` permission for tagging backups.

Security assessment

The change removes a documentation note about permission requirements but does not indicate a security vulnerability fix or introduce new security guidance. This appears to be a formatting or clarification edit rather than a security-related update.

Diff

diff --git a/aws-backup/latest/devguide/access-control.md b/aws-backup/latest/devguide/access-control.md
index ae97488c1..60c8da795 100644
--- a//aws-backup/latest/devguide/access-control.md
+++ b//aws-backup/latest/devguide/access-control.md
@@ -167 +167 @@ AWS Backup API and required permissions for actions AWS Backup API operations |
-[TagResource](./API_TagResource.html) | `backup:TagResource`4 | `arn:aws:backup:`region`:`account-id:`recovery-point:*`4  
+[TagResource](./API_TagResource.html) | `backup:TagResource` | `arn:aws:backup:`region`:`account-id:`recovery-point:*`4  
@@ -179,2 +178,0 @@ AWS Backup API and required permissions for actions AWS Backup API operations |
-4 Certain resource types require the role performing the backup to have a specific tagging permission `backup:TagResource` if you plan to either include original resource tags in your backup or add additional tags to a backup. Any backups with an ARN starting with `arn:aws:backup:`region`:`account-id`:recovery-point:` or a backup that is continuous requires this permission. `backup:TagResource` permission must be applied to `"`resourcetype`": "arn:aws:backup:`region`:`account-id:`recovery-point:*"`
-