AWS Security ChangesHomeSearch

AWS AmazonRDS medium security documentation change

Service: AmazonRDS · 2025-08-10 · Security-related medium

File: AmazonRDS/latest/UserGuide/WhatsNew.md

Summary

Documented update to RDS Custom service-linked role policy regarding EBS CopySnapshot permissions

Security assessment

The policy update explicitly addresses authorization behavior for EBS snapshot operations, splitting permissions into source/destination controls. This indicates a security-related policy refinement to enforce least privilege access for snapshot copying operations.

Diff

diff --git a/AmazonRDS/latest/UserGuide/WhatsNew.md b/AmazonRDS/latest/UserGuide/WhatsNew.md
index 17f7386b5..da0f8983c 100644
--- a//AmazonRDS/latest/UserGuide/WhatsNew.md
+++ b//AmazonRDS/latest/UserGuide/WhatsNew.md
@@ -18,0 +19 @@ Change| Description| Date
+Amazon RDS Custom service-linked role policy updated| The AmazonRDSCustomServiceRolePolicy managed policy has been updated to comply with EBS CopySnapshot authorization behavior. The update removes `ec2:CopySnapshot` from one statement and adds two new statements for source and destination snapshot permissions. For more information, see [ Updates to AWS managed policies for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-managed-policy-updates.html).| August 7, 2025