AWS Security ChangesHomeSearch

AWS aws-backup documentation change

Service: aws-backup · 2025-05-10 · Documentation medium

File: aws-backup/latest/devguide/encryption.md

Summary

Added detailed IAM policy examples with explicit principal declarations for KMS key access in backup encryption contexts.

Security assessment

The change improves documentation clarity around secure encryption configuration by providing concrete IAM policy examples. While this enhances security guidance, there is no evidence it addresses a specific security vulnerability.

Diff

diff --git a/aws-backup/latest/devguide/encryption.md b/aws-backup/latest/devguide/encryption.md
index 30bf4dba5..075560b5b 100644
--- a//aws-backup/latest/devguide/encryption.md
+++ b//aws-backup/latest/devguide/encryption.md
@@ -86,0 +87,3 @@ These elements can look like:
+    {
+        "Version": "2012-10-17",
+        "Statement": [
@@ -89,0 +93,3 @@ These elements can look like:
+              "Principal": {
+                  "AWS": "arn:aws:iam::123456789012:user/root"
+              },
@@ -100,0 +107,3 @@ These elements can look like:
+              "Principal": {
+                  "AWS": "arn:aws:iam::123456789012:user/root"
+              },
@@ -116,0 +126,2 @@ These elements can look like:
+        ]
+    }