AWS Security ChangesHomeSearch

AWS inspector documentation change

Service: inspector · 2026-06-04 · Documentation low

File: inspector/latest/user/scanning-ec2.md

Summary

Changed documentation about exclusion scope from 'encrypted EBS volume' to entire 'instance' for agentless scans

Security assessment

This is a documentation clarification about exclusion scope. While it relates to security scanning, there's no evidence of addressing a vulnerability. The change only corrects what can be excluded (entire instances vs volumes), with no security implications.

Diff

diff --git a/inspector/latest/user/scanning-ec2.md b/inspector/latest/user/scanning-ec2.md
index 051f7c970..ba7fdcd3e 100644
--- a//inspector/latest/user/scanning-ec2.md
+++ b//inspector/latest/user/scanning-ec2.md
@@ -265 +265 @@ You're not charged for excluded instances.
-Additionally, you can exclude an encrypted EBS volume from agentless scans by tagging the AWS KMS key used to encrypt that volume with the `InspectorEc2Exclusion` tag. For more information, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys). 
+Additionally, you can exclude an instance from agentless scans by tagging the AWS KMS key used to encrypt that volume with the `InspectorEc2Exclusion` tag. For more information, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys).