AWS Security ChangesHomeSearch

AWS aws-backup documentation change

Service: aws-backup · 2026-05-07 · Documentation low

File: aws-backup/latest/devguide/encryption.md

Summary

Corrected CloudFormation encryption terminology and fixed 'kms:ResourceAliases' typo in cross-region copy permissions.

Security assessment

Typo correction and terminology clarification. No security vulnerability addressed; changes improve accuracy but don't alter security posture.

Diff

diff --git a/aws-backup/latest/devguide/encryption.md b/aws-backup/latest/devguide/encryption.md
index 18e3bdb1f..b633c60a0 100644
--- a//aws-backup/latest/devguide/encryption.md
+++ b//aws-backup/latest/devguide/encryption.md
@@ -39 +39 @@ Amazon Redshift Serverless | Redshift Serverless snapshots are automatically enc
-CloudFormation | CloudFormation backups are always encrypted. The CloudFormation encryption key for CloudFormation backups is configured in the CloudFormation vault in which the CloudFormation backups are stored. | Supported  
+CloudFormation | CloudFormation backups are always encrypted. The AWS KMS encryption key for CloudFormation backups is configured in the AWS Backup vault in which the CloudFormation backups are stored. | Supported  
@@ -159 +159 @@ These permissions must be part of the key, whether it is AWS managed or customer
-Additionally, the key associated with the role initiating a cross-Region copy job must have `"kms:ResourcesAliases": "alias/aws/backup"` in the `DescribeKey` permission.
+Additionally, the key associated with the role initiating a cross-Region copy job must have `"kms:ResourceAliases": "alias/aws/backup"` in the `DescribeKey` permission.