AWS aws-backup documentation change
Summary
Clarified EBS snapshot copy behavior when using different KMS keys
Security assessment
Improves documentation about encryption impacts on backup operations but doesn't address a security vulnerability.
Diff
diff --git a/aws-backup/latest/devguide/cross-region-backup.md b/aws-backup/latest/devguide/cross-region-backup.md index fcd777add..7dc18a940 100644 --- a//aws-backup/latest/devguide/cross-region-backup.md +++ b//aws-backup/latest/devguide/cross-region-backup.md @@ -15 +15 @@ When you copy a backup to a new AWS Region for the first time, AWS Backup copies -An exception is Amazon EBS, where changing the encryption status of a snapshot during a copy operation [results in a full (not incremental) copy](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-copy-snapshot.html#creating-encrypted-snapshots). +An exception is Amazon EBS, where copying a snapshot to a vault that uses a different AWS KMS encryption key [results in a full (not incremental) copy](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-copy-snapshot.html#creating-encrypted-snapshots). If you consistently copy to the same vault with the same encryption key, subsequent copies remain incremental.