AWS Security ChangesHomeSearch

AWS ebs high security documentation change

Service: ebs · 2026-04-28 · Security-related high

File: ebs/latest/userguide/ebs-encryption-requirements.md

Summary

Corrected KMS permission name from GenerateDataKeyWithoutPlainText to GenerateDataKeyWithoutPlaintext

Security assessment

Fixes critical IAM permission name that could cause encryption failures if used incorrectly. Incorrect permissions could lead to unencrypted EBS volumes, creating data exposure risks.

Diff

diff --git a/ebs/latest/userguide/ebs-encryption-requirements.md b/ebs/latest/userguide/ebs-encryption-requirements.md
index ce0617f03..706ace657 100644
--- a//ebs/latest/userguide/ebs-encryption-requirements.md
+++ b//ebs/latest/userguide/ebs-encryption-requirements.md
@@ -44 +44 @@ When you use a KMS key for EBS encryption, the KMS key policy allows any user wi
-  * `kms:GenerateDataKeyWithoutPlainText`
+  * `kms:GenerateDataKeyWithoutPlaintext`