AWS aws-backup documentation change
Summary
Added EncryptionKeyArn parameter documentation for specifying customer-managed KMS keys for vault encryption
Security assessment
Documents encryption configuration options but does not address a specific vulnerability. Enhances security documentation by clarifying encryption key management options.
Diff
diff --git a/aws-backup/latest/devguide/API_CreateLogicallyAirGappedBackupVault.md b/aws-backup/latest/devguide/API_CreateLogicallyAirGappedBackupVault.md index 1de80035f..55694357d 100644 --- a//aws-backup/latest/devguide/API_CreateLogicallyAirGappedBackupVault.md +++ b//aws-backup/latest/devguide/API_CreateLogicallyAirGappedBackupVault.md @@ -27,0 +28 @@ Do not include sensitive data, such as passport numbers, in the name of a backup + "EncryptionKeyArn": "string", @@ -68,0 +70,9 @@ Required: No +**EncryptionKeyArn ** + + +The ARN of the customer-managed KMS key to use for encrypting the logically air-gapped backup vault. If not specified, the vault will be encrypted with an AWS-owned key managed by AWS Backup. + +Type: String + +Required: No +