AWS aws-backup documentation change
Summary
Corrected CloudFormation encryption terminology and fixed 'kms:ResourceAliases' typo in cross-region copy permissions.
Security assessment
Typo correction and terminology clarification. No security vulnerability addressed; changes improve accuracy but don't alter security posture.
Diff
diff --git a/aws-backup/latest/devguide/encryption.md b/aws-backup/latest/devguide/encryption.md index 18e3bdb1f..b633c60a0 100644 --- a//aws-backup/latest/devguide/encryption.md +++ b//aws-backup/latest/devguide/encryption.md @@ -39 +39 @@ Amazon Redshift Serverless | Redshift Serverless snapshots are automatically enc -CloudFormation | CloudFormation backups are always encrypted. The CloudFormation encryption key for CloudFormation backups is configured in the CloudFormation vault in which the CloudFormation backups are stored. | Supported +CloudFormation | CloudFormation backups are always encrypted. The AWS KMS encryption key for CloudFormation backups is configured in the AWS Backup vault in which the CloudFormation backups are stored. | Supported @@ -159 +159 @@ These permissions must be part of the key, whether it is AWS managed or customer -Additionally, the key associated with the role initiating a cross-Region copy job must have `"kms:ResourcesAliases": "alias/aws/backup"` in the `DescribeKey` permission. +Additionally, the key associated with the role initiating a cross-Region copy job must have `"kms:ResourceAliases": "alias/aws/backup"` in the `DescribeKey` permission.