AWS Security ChangesHomeSearch

AWS aws-backup documentation change

Service: aws-backup · 2025-08-10 · Documentation low

File: aws-backup/latest/devguide/encryption.md

Summary

Corrected KMS key example from 'aws/ec2' to 'aws/ebs' for EC2 backup copy jobs

Security assessment

Fixes documentation error to prevent operational failures but does not address security vulnerabilities.

Diff

diff --git a/aws-backup/latest/devguide/encryption.md b/aws-backup/latest/devguide/encryption.md
index bd4bbed12..d155e30b3 100644
--- a//aws-backup/latest/devguide/encryption.md
+++ b//aws-backup/latest/devguide/encryption.md
@@ -54 +54 @@ Before you copy a backup from one account to another (cross-account copy job) or
-For a copy of a recovery point of a resource that is **not fully managed** by AWS Backup, the key associated to the destination vault must be a CMK or the managed key of the service that owns the underlying resource. For example, if you are copying an EC2 instance, a Backup managed key cannot be used. Instead, a CMK or Amazon EC2 KMS key (`aws/ec2`) must be used to avoid copy job failure.
+For a copy of a recovery point of a resource that is **not fully managed** by AWS Backup, the key associated to the destination vault must be a CMK or the managed key of the service that owns the underlying resource. For example, if you are copying an EC2 instance, a Backup managed key cannot be used. Instead, a CMK or Amazon EBS KMS key (`aws/ebs`) must be used to avoid copy job failure.