AWS Security ChangesHomeSearch

AWS aws-backup documentation change

Service: aws-backup · 2025-10-16 · Documentation low

File: aws-backup/latest/devguide/working-with-audit-reports.md

Summary

Added 'Enhanced job report context' section detailing inclusion of vault security properties, backup plan configurations, and lifecycle settings in audit reports. Notes about permission requirements for new contextual data.

Security assessment

Documents improved auditing capabilities for security-relevant configurations (encryption, retention policies) but doesn't indicate remediation of a security flaw. Focuses on operational visibility improvements.

Diff

diff --git a/aws-backup/latest/devguide/working-with-audit-reports.md b/aws-backup/latest/devguide/working-with-audit-reports.md
index 4a2a1b787..714a84bbd 100644
--- a//aws-backup/latest/devguide/working-with-audit-reports.md
+++ b//aws-backup/latest/devguide/working-with-audit-reports.md
@@ -4,0 +5,2 @@
+Enhanced job report context
+
@@ -18 +20 @@ There are two types of reports. When you create a report, you choose which type
-One type is a **jobs report** , which shows jobs finished in the last 24 hours and all active jobs. Jobs reports do not display a status of `completed with issues`. To find this status, you can filter for `Completed` jobs with one or more status messages. AWS Backup will only include a status message as part of a `Completed` job's status if the message requires attention or action.
+One type is a **jobs report** , which shows jobs finished in the last 24 hours and all active jobs with comprehensive context about vault properties, backup plan configurations, and lifecycle settings. Jobs reports do not display a status of `completed with issues`. To find this status, you can filter for `Completed` jobs with one or more status messages. AWS Backup will only include a status message as part of a `Completed` job's status if the message requires attention or action.
@@ -29,0 +32,23 @@ To ensure reports generated by delegated administrator accounts show all member
+## Enhanced job report context
+
+AWS Backup Audit Manager job reports now include expanded context to help customers better understand backup operations, especially for delegated administrator accounts monitoring across organizations.
+
+The enhanced reports now include:
+
+  * _Vault information_ : Vault type, lock status, and encryption details
+
+  * _Backup plan context_ : Plan names, rule names, schedules, and timezones
+
+  * _Lifecycle settings_ : Retention periods and cold storage transition settings
+
+  * _Resource details_ : Resource names and enhanced job metadata
+
+
+
+
+This expanded context eliminates the need for additional API calls to DescribeBackupVault, DescribeBackupPlan, and DescribeRecoveryPoint, providing comprehensive job information in a single report.
+
+###### Note
+
+The expanded context provides information that previously required separate API calls with additional permissions. Ensure that users with access to these reports have appropriate permissions for the enhanced information being provided.
+