AWS aws-backup documentation change
Summary
Added detailed IAM policy examples with explicit principal declarations for KMS key access in backup encryption contexts.
Security assessment
The change improves documentation clarity around secure encryption configuration by providing concrete IAM policy examples. While this enhances security guidance, there is no evidence it addresses a specific security vulnerability.
Diff
diff --git a/aws-backup/latest/devguide/encryption.md b/aws-backup/latest/devguide/encryption.md index 30bf4dba5..075560b5b 100644 --- a//aws-backup/latest/devguide/encryption.md +++ b//aws-backup/latest/devguide/encryption.md @@ -86,0 +87,3 @@ These elements can look like: + { + "Version": "2012-10-17", + "Statement": [ @@ -89,0 +93,3 @@ These elements can look like: + "Principal": { + "AWS": "arn:aws:iam::123456789012:user/root" + }, @@ -100,0 +107,3 @@ These elements can look like: + "Principal": { + "AWS": "arn:aws:iam::123456789012:user/root" + }, @@ -116,0 +126,2 @@ These elements can look like: + ] + }