AWS Security ChangesHomeSearch

AWS aws-backup medium security documentation change

Service: aws-backup · 2025-05-10 · Security-related medium

File: aws-backup/latest/devguide/restoring-dynamodb.md

Summary

Updated KMS key parameter from 'KMSMasterKeyId' to 'kmsMasterKeyArn' in restore metadata example

Security assessment

Corrects the parameter name to use the ARN format for KMS keys, ensuring proper encryption key specification. Incorrect parameters could lead to misconfigured encryption, a security risk.

Diff

diff --git a/aws-backup/latest/devguide/restoring-dynamodb.md b/aws-backup/latest/devguide/restoring-dynamodb.md
index 5c8cea60a..47bd4534a 100644
--- a//aws-backup/latest/devguide/restoring-dynamodb.md
+++ b//aws-backup/latest/devguide/restoring-dynamodb.md
@@ -73 +73 @@ The following is an example of the `restoreMetadata` argument for a `StartRestor
-    --metadata 'TargetTableName=TestRestoreTestTable,EncryptionType=KMS,KMSMasterKeyId=arn:aws:kms:us-east-1:123456789012:key/abcdefg' \
+    --metadata 'TargetTableName=TestRestoreTestTable,EncryptionType=KMS,kmsMasterKeyArn=arn:aws:kms:us-east-1:123456789012:key/abcdefg' \