Managed policies for AWS Backup
Managed policies are standalone identity-based policies that you can attach to multiple users, groups, and roles in your AWS account. When you attach a policy to a principal entity, you give the entity the permissions that are defined in the policy.
AWS managed policies are created and administered by AWS.
Customer managed policies give you fine-grained controls to set access to backups in AWS Backup. For example, you can use them to give your database backup administrator access to Amazon RDS backups but not Amazon EFS ones.
Customer managed policies
One way to create a customer managed policy is to start by copying an existing AWS managed policy. That way you know that the policy is correct at the beginning, and all you need to do is customize it to your environment.
The following policies specify backup and restore permissions for individual AWS Backup-supported AWS services and third-party applications. They can be customized and attached to roles that you create to further limit access to AWS resources.
The following policies specify backup permissions for individual AWS Backup-supported AWS services and third-party applications. They can be customized and attached to roles that you create to further limit access to AWS resources.
The following policies specify restore permissions for individual AWS Backup-supported AWS services and third-party applications. They can be customized and attached to roles that you create to further limit access to AWS resources.
To restore an encrypted backup, do one of the following
-
Add your role to the allowlist for the AWS Key Management Service (AWS KMS) key policy
-
Attach this policy to your IAM role for restores:
{ "Action": [ "kms:DescribeKey", "kms:Decrypt", "kms:Encrypt", "kms:GenerateDataKey", "kms:ReEncrypt*" ], "Effect": "Allow", "Resource": "*" }
AWS managed policies
AWS managed policies are designed to provide permissions for many common use cases. AWS managed policies make it easier for you to assign appropriate permissions to users, groups, and roles than if you had to write the policies yourself.
However, you can't change the permissions defined in AWS managed policies. AWS occasionally updates the permissions defined in an AWS managed policy. When this occurs, the update affects all principal entities (users, groups, and roles) that the policy is attached to.
AWS Backup provides several AWS managed policies for common use cases. These policies make it easier to define the right permissions and control access to your backups. There are two types of managed policies. One type is designed to be assigned to users to control their access to AWS Backup. The other type of managed policy is designed to be attached to roles that you pass to AWS Backup. The following table lists all the managed policies that AWS Backup provides and describes how they are defined. You can find these managed policies in the Policies section of the IAM console.
Policy | Managed policy name | Description |
---|---|---|
AWS Backup Service Linked Role Policy for Backup | AWSBackupServiceLinkedRolePolicyforBackup |
This policy is attached to the service-linked role named AWSServiceRoleforBackup to allow AWS Backup to call AWS services on your behalf to manage your backups. For more information, see Service-linked role permissions for AWS Backup. |
AWS Backup Data Transfer Access | AWSBackupDataTransferAccess | This policy provides permissions for AWS Backup storage plane data transfer APIs, allowing the AWS Backint agent to complete backup data transfer with the AWS Backup storage plane. Users can attach this policy to roles assumed by Amazon EC2 instances running SAP HANA with the Backint agent. |
AWS Backup Restore Access For SAP HANA | AWSBackupRestoreAccessForSAPHANA | This policy provides AWS Backup permission to restore a backup of SAP HANA on Amazon EC2. |
AWS Backup For Amazon S3 Backup Policy | AWSBackupServiceRolePolicyForS3Backup | This policy contains the permissions necessary for AWS Backup to back up any S3 bucket. This includes access to all objects in a bucket and any associated AWS KMS key. |
AWS Backup For Amazon S3 Restore Policy | AWSBackupServiceRolePolicyForS3Restore | This policy contains permissions necessary for AWS Backup to restore an S3 backup to a bucket. This includes read and write permissions to the buckets and the usage of any AWS KMS key in regards to S3 operations. |
Backup Audit IAM Policy | AWSBackupAuditAccess | This policy grants permissions for users to create controls and frameworks that define their expectations for AWS Backup resources and activities, and to audit AWS Backup resources and activities against their defined controls and frameworks. This policy grants permissions to AWS Config and similar services to describe user expectations perform the audits. This policy also grants permissions to deliver audit reports to Amazon S3 and similar services, and enables users to find and open their audit reports. |
AWS Service Role Policy for Backup Reports | AWSServiceRolePolicyForBackupReports | AWS Backup uses this policy for the AWSServiceRoleForBackupReports service-linked role. This
service-linked role gives AWS Backup permissions to monitor and report on the
compliance of your backup settings, jobs, and resources with your
frameworks. |
Backup Administrator IAM Policy | AWSBackupFullAccess | The backup administrator has full access to AWS Backup operations, including creating or editing backup plans, assigning AWS resources to backup plans, and restoring backups. Backup administrators are responsible for determining and enforcing backup compliance by defining backup plans that meet their organization's business and regulatory requirements. Backup administrators also ensure that their organization's AWS resources are assigned to the appropriate plan. |
Backup Operator IAM Policy | AWSBackupOperatorAccess | Backup operators are users that are responsible for ensuring the resources that they are responsible for are properly backed up. Backup operators have permissions to assign AWS resources to the backup plans that the backup administrator creates. They also have permissions to create on-demand backups of their AWS resources and to configure the retention period of on-demand backups. Backup operators do not have permissions to create or edit backup plans or to delete scheduled backups after they are created. Backup operators can restore backups. You can limit the resource types that a backup operator can assign to a backup plan or restore from a backup. You do this by allowing only certain service roles to be passed to AWS Backup that have permissions for a certain resource type. |
Backup Administrator AWS Organizations Policy | AWSBackupOrganizationAdminAccess | The organization administrator has full access to AWS Organizations operations, including creating, editing, or deleting backup policies, assigning backup policies to accounts and organizational units, and monitoring backup activities within the organization. Organization administrators are responsible for protecting accounts in their organization by defining and assigning backup policies that meet their organization's business and regulatory requirements. |
Default Service Role Policy for Backups | AWSBackupServiceRolePolicyForBackup | Provides AWS Backup permissions to create backups of all supported resource types on your behalf. |
Default Service Role Policy for Restores | AWSBackupServiceRolePolicyForRestores | Provides AWS Backup permissions to restore backups of all supported resource types
on your behalf. For EC2 instance restores, you must also include the following
permissions to launch the EC2 instance:
|
Policy updates for AWS Backup
AWS services maintain and update AWS managed policies. You can't change the permissions in AWS managed policies. Services occasionally add additional permissions to an AWS managed policy to support new features. This type of update affects all identities (users, groups, and roles) where the policy is attached. Services are most likely to update an AWS managed policy when a new feature is launched or when new operations become available. Services do not remove permissions from an AWS managed policy, so policy updates won't break your existing permissions.
Additionally, AWS supports managed policies for job functions that span multiple services. For example, the ReadOnlyAccess AWS managed policy provides read-only access to all AWS services and resources. When a service launches a new feature, AWS adds read-only permissions for new operations and resources. For a list and descriptions of job function policies, see AWS managed policies for job functions in the IAM User Guide.
View details about updates to AWS managed policies for AWS Backup since this service began tracking these changes. For automatic alerts about changes to this page, subscribe to the RSS feed on the AWS Backup Document history page.
Change | Description | Date |
---|---|---|
AWSServiceRolePolicyForBackupRestoreTesting — Added permissions to support additional resource types with the restore testing feature |
AWS Backup added the following permissions to describe and list recovery points
and protected resources in order to conduct restore testing plans:
AWS Backup added the permission AWS Backup added the permission
AWS Backup added the following permissions to support restore testing of Amazon Redshift
backups: AWS Backup added the permission |
February 14, 2024 |
AWSBackupServiceRolePolicyForRestores — Added permissions to support AWS Backup transition to Amazon Elastic Block Store archive storage tier |
AWS Backup added the permissions These permissions are necessary for users to have the option to restore Amazon EBS resources stored with AWS Backup from archive storage. For EC2 instance restores, you must also include permissions as shown in the following policy statement to launch the EC2 instance: |
November 27, 2023 |
AWSBackupServiceRolePolicyForBackups — Added permissions to support AWS Backup transition to Amazon Elastic Block Store archive storage tier |
AWS Backup added the permissions These permissions are necessary for users to have the option to transition Amazon EBS resources stored with AWS Backup to archive storage. |
November 27, 2023 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permissions to support AWS Backup transition to Amazon Elastic Block Store archive storage tier — Also added permissions to support continuous backups and PITR (point-in-time restore) for Amazon Aurora. |
AWS Backup added the permissions These permissions are necessary for users to have the option to transition Amazon EBS resources stored with AWS Backup to archive storage. AWS Backup added the permissions |
|
AWSServiceRoleForBackupRestoreTesting — Added new service-linked role. |
AWS Backup has added the new service-linked role named This new service-linked role provides AWS Backup with permissions necessary to
conduct restore testing. The permissions include the actions Change tracking has begun for this policy. |
November 27, 2023 |
AWSBackupFullAccess — Added pass role permission to support restore testing. |
AWS Backup added |
November 27, 2023 |
AWSBackupServiceRolePolicyForRestores — Added permissions to support continuous backups and PITR (point-in-time restore) for Amazon Aurora. |
AWS Backup added the permissions |
September 6, 2023 |
AWSBackupFullAccess — Added new permission to support continuous backups and PITR (point-in-time restore) for Amazon Aurora. |
AWS Backup added the permission
|
September 6, 2023 |
AWSBackupOperatorAccess — Added new permission to support continuous backups and PITR (point-in-time restore) for Amazon Aurora. |
AWS Backup added the permission
|
September 6, 2023 |
AWSBackupServiceRolePolicyForBackup — Added permissions to support continuous backups and PITR (point-in-time restore) for Amazon Aurora. |
AWS Backup added the permission
AWS Backup added the permission AWS Backup added the permission |
September 6, 2023 |
AWSBackupFullAccess — Added permission to get Resource Share Associations for new vault type. |
AWS Backup added the action AWS Backup requires this additional permission to interact with AWS RAM. |
August 8, 2023 |
AWSBackupOperatorAccess — Added permission to get Resource Share Associations for new vault type. |
AWS Backup added the action AWS Backup requires this additional permission to interact with AWS RAM. |
August 8, 2023 |
AWSBackupServiceRolePolicyForS3Backup — Added new permission to support Amazon S3 backup |
AWS Backup added the permission AWS Backup needs this permission to enhance backup performance speeds by using a bucket inventory. |
August 1, 2023 |
AWSBackupServiceRolePolicyForRestores — Added permissions to add tags to resources during a restore job. |
AWS Backup added the following actions to grant the user permissions to add tags
to restore resources: These added permissions are necessary for AWS Backup to add tags to resources during the restore process. |
May 22, 2023 |
AWSBackupAuditAccess — Replaced resource selection |
AWS Backup replaced the resource selection within the API
This expanded resource selection makes it easier for a user to select a resource with fewer errors. |
April 11, 2023 |
AWSBackupServiceRolePolicyForRestores — Added permissions to support encrypted Amazon Elastic File System restores. |
AWS Backup added the following permission to restore Amazon EFS using a customer
managed key: This update is necessary to help ensure users have required permissions to restore Amazon EFS resources. |
March 27, 2023 |
AWSServiceRolePolicyForBackupReports — Updated action |
AWS Backup updated the AWS Backup requires this update to interact with AWS Config. |
March 9, 2023 |
AWSBackupServiceRolePolicyForS3Restore — Adding new permission for restores involving AWS KMS encryptions |
AWS Backup added the following permissions: These permissions are necessary to support restores of objects when KMS encryption is used in the original backup and for restoring objects when object ownership is configured on the original bucket instead of ACL. |
February 13, 2023 |
AWSBackupFullAccess — Added new permissions to support VMware backup operations |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to schedule backups using VMware tags of virtual machines and to support schedule-based bandwidth throttling. |
December 15, 2022 |
AWSBackupOperatorAccess — Added new permissions to support backup operations |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to schedule backups using VMware tags of virtual machines and to support schedule-based bandwidth throttling. |
December 15, 2022 |
AWS BackupGatewayServiceRolePolicyForVirtualMachineMetadataSync — Added new policy with permissions to support AWS Backup Gateway sync with virtual machines. |
AWS Backup introduced this policy, and within it, the following permissions:
These permissions are necessary for AWS Backup Gateway to sync the metadata of virtual machines in on-premise networks with Backup Gateway. |
December 15, 2022 |
AWSBackupServiceRolePolicyForBackup — Added permissions to allow AWS Backup to backup Amazon Timestream resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to support Timestream backup jobs. |
December 13, 2022 |
AWSBackupServiceRolePolicyForRestores — Added permissions to allow AWS Backup to restore Amazon Timestream resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to support Timestream restore jobs. |
December 13, 2022 |
AWSBackupFullAccess — Added permissions to allow AWS Backup to support Amazon Timestream resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to support Timestream resources. |
December 13, 2022 |
AWSBackupOperatorAccess — Added permissions to allow AWS Backup to support Amazon Timestream resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to support Timestream resources. |
December 13, 2022 |
AWSBackupServiceLinkedRolePolicyForBackup — Updated managed policy permission allows AWS Backup to have necessary access to Timestream resources for backup functions. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to support Timestream resources. |
December 13, 2022 |
AWSBackupFullAccess — Added permissions to allow AWS Backup to support Amazon Redshift resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to utilize Amazon Redshift resources. |
November 27, 2022 |
AWSBackupOperatorAccess — Added permissions for AWS Backup to support Amazon Redshift resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to utilize Amazon Redshift resources. |
November 27, 2022 |
AWSBackupServiceRolePolicyForRestores — Added permissions to allow AWS Backup to access Amazon Redshift resources. |
AWS Backup added the following permissions:
AWS Backup needs these permissions for its support of Amazon Redshift restore jobs. |
November 27, 2022 |
AWSBackupServiceRolePolicyForBackup — Added permissions to allow AWS Backup to access Amazon Redshift resources. |
AWS Backup added the following permissions:
AWS Backup needs these permissions for its support of Amazon Redshift backup jobs. |
November 27, 2022 |
AWSBackupFullAccess — Added permission to allow AWS Backup to support AWS CloudFormation resources. |
AWS Backup added the following permission:
|
November 27, 2022 |
AWSBackupOperatorAccess — Added permission to allow AWS Backup to support AWS CloudFormation resources. |
AWS Backup added the following permission:
|
November 27, 2022 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permissions to allow AWS Backup to support AWS CloudFormation resources. |
AWS Backup added the following permissions:
These permissions are necessary for Backup to support CloudFormation resources. |
November 27, 2022 |
AWSBackupServiceRolePolicyForBackup — Added permissions to allow AWS Backup to access AWS CloudFormation resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to support AWS CloudFormation application stack backup jobs. |
November 16, 2022 |
AWSBackupServiceRolePolicyForRestores — Added permissions to allow AWS Backup to access AWS CloudFormation resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to support AWS CloudFormation application stack restore jobs. |
November 16, 2022 |
AWSBackupOrganizationAdminAccess — AWS Backup added permissions to this policy for Delegated Administrator functions. |
AWS Backup added the following permissions to this policy:
These permissions are necessary to allow organization administrators to use the Delegated Administrator feature. |
November 27, 2022 |
AWSBackupServiceRolePolicyForBackup — Added permissions to allow AWS Backup to support SAP HANA on Amazon EC2 instances. |
AWS Backup added the following permissions:
These permissions are necessary for Backup to support SAP HANA on Amazon EC2 instances. |
November 20, 2022 |
AWSBackupFullAccess — Added permissions to allow AWS Backup support of SAP HANA on Amazon EC2 instances. |
AWS Backup added the following permissions:
These permissions are necessary for Backup to support SAP HANA on Amazon EC2 instances. |
November 20, 2022 |
AWSBackupOperatorAccess — Added permissions to allow AWS Backup support of SAP HANA on Amazon EC2 instances. |
AWS Backup added the following permissions:
These permissions are necessary for Backup to support SAP HANA on Amazon EC2 instances. |
November 20, 2022 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permission to allow AWS Backup support of SAP HANA on Amazon EC2 instances. |
AWS Backup added the following permission:
This permission is necessary for Backup to support SAP HANA on Amazon EC2 instances. |
November 20, 2022 |
AWSBackupServiceRolePolicyForRestores — Added permissions to allow AWS Backup to access Amazon EC2 resources. |
AWS Backup added the following permission:
This permission is necessary for AWS Backup to support Backup gateway restore jobs to an EC2 instance. |
November 20, 2022 |
AWSBackupDataTransferAccess — Added permissions to allow AWS Backup to support secure storage data transfer for SAP HANA on Amazon EC2 instance resources. |
AWS Backup added the following permissions:
These permissions are necessary for AWS Backup to support secure storage data transfer for SAP HANA On Amazon EC2 resources. |
November 20, 2022 |
AWSBackupRestoreAccessForSAPHANA — Added permissions for data owners to perform restore jobs of SAP HANA on Amazon EC2 instance resources. |
AWS Backup added the following permissions: These permissions are necessary for resource owners to perform restore of SAP HANA On Amazon EC2 resources. |
November 20, 2022 |
AWSBackupServiceRolePolicyForS3Backup — Added new permission to support Amazon S3 backup |
AWS Backup added the permission AWS Backup needs this permission for backup operations of AWS Backup for S3. |
August 24, 2022 |
AWSBackupServiceRolePolicyForRestores — Added access for Amazon RDS restore jobs. |
AWS Backup added the following actions to grant access to create a database
instance: AWS Backup needed this permission for its support of Amazon RDS multi-Availability Zone (Multi-AZ) functionality. |
July 20, 2022 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permission to support Amazon S3 backup |
AWS Backup added the AWS Backup needed that permission for its support of Amazon S3 data. |
May 6, 2022 |
AWSBackupServiceRolePolicyForBackup — Added new permissions to support FSx for ONTAP volume level backup. |
AWS Backup added volume resources in the scope of existing
AWS Backup needed this permission for its support of FSx for ONTAP. |
April 27, 2022 |
AWSBackupServiceRolePolicyForRestores — Added permissions to support restoring FSx for ONTAP volumes. |
AWS Backup added the following actions to grant the users permissions to restore
FSx for ONTAP volumes AWS Backup needed this permission for its support of FSx for ONTAP. |
April 27, 2022 |
AWSBackupServiceRolePolicyForS3Backup — Added new permissions to support Amazon S3 backup |
AWS Backup added the following actions to grant the user permissions to receive
notifications of changes to their Amazon S3 buckets during backup operations:
AWS Backup needed those permissions for its support of Amazon S3 data. |
February 25, 2022 |
AWSBackupServiceRolePolicyForS3Backup — Added new AWS Managed Policy to support Amazon S3 backup |
In the new AWS Backup added the following actions to grant the user permissions to back up
their Amazon S3 objects: AWS Backup added the following actions to grant the user permissions to back up
their encrypted Amazon S3 data: AWS Backup added the following actions to grant the user permissions to take
incremental backups of their Amazon S3 data using Amazon EventBridge rules:
AWS Backup needed those permissions for its support of Amazon S3 data. |
February 17, 2022 |
AWSBackupServiceRolePolicyForS3Restore — Added new AWS Managed Policy to support Amazon S3 restore |
In the new AWS Backup added the following actions to grant the user permissions to restore
their Amazon S3 buckets: AWS Backup added the following actions to grant the user permissions to encrypt
their restored Amazon S3 data: AWS Backup needed those permissions for its support of Amazon S3 data. |
February 17, 2022 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permission to support Amazon S3 backup |
AWS Backup added AWS Backup needed that permission for its support of Amazon S3 data. |
February 14, 2022 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permission to list AWS Backup Gateway resources |
AWS Backup added AWS Backup also added AWS Backup needed these permission for its support of virtual machines, which launched November 30, 2021. |
November 30, 2021 |
AWSBackupServiceRolePolicyForBackup — Added permissions to back up virtual machines |
AWS Backup added AWS Backup needed this permission for its support of virtual machines, which launched November 30, 2021. |
November 30, 2021 |
AWSBackupServiceRolePolicyForRestores — Added permission to restore virtual machines |
AWS Backup added AWS Backup needed this permission for its support of virtual machines, which launched November 30, 2021. |
November 30, 2021 |
AWSBackupFullAccess — Added permission to work with virtual machines |
AWS Backup added the following actions to grant the users permissions to use
AWS Backup Gateway to back up, restore, and manage their virtual machines:
AWS Backup needed this permission for its support of AWS Backup Gateway, which launched November 30, 2021. |
November 30, 2021 |
AWSBackupOperatorAccess — Added permission to list AWS Backup Gateway resources |
AWS Backup added the following actions to grant the user permissions to back up
their virtual machines: AWS Backup needed this permission for its support of virtual machines, which launched November 30, 2021. |
November 30, 2021 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permission to back up Amazon DynamoDB tables |
AWS Backup added AWS Backup needed this permission for its advanced DynamoDB backup features, which launched November 23, 2021. |
November 23, 2021 |
AWSBackupServiceRolePolicyForBackup — Added permissions to back up Amazon DynamoDB tables |
AWS Backup added AWS Backup also added AWS Backup needed these permission for its advanced DynamoDB backup features, which launched November 23, 2021. |
November 23, 2021 |
AWSBackupServiceLinkedRolePolicyForRestores — Added permissions to restore Amazon DynamoDB tables |
AWS Backup added AWS Backup needed this permission to restore backups created using AWS Backup's advanced DynamoDB features, which launched November 23, 2021. |
November 23, 2021 |
AWSBackupServiceRolePolicyForRestores — Added permissions to restore Amazon DynamoDB tables |
AWS Backup added AWS Backup needed this permission to restore backups created using AWS Backup's advanced DynamoDB features, which launched November 23, 2021. |
November 23, 2021 |
AWSBackupOperatorAccess — Removed redundant actions |
AWS Backup removed the existing actions
AWS Backup did not need both |
November 23, 2021 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permissions to support fine-grained resource assignments to backup plans |
AWS Backup added the new actions
AWS Backup needed these permissions to give customers additional, flexibile ways to assign their resources to their backup plans. |
November 10, 2021 |
AWSBackupAuditAccess — Added new policy |
AWS Backup added AWS Backup needed this permission for AWS Backup Audit Manager, which launched August 24, 2021. |
August 24, 2021 |
AWSServiceRolePolicyForBackupReports — Added new policy |
AWS Backup added AWS Backup needed this permission for AWS Backup Audit Manager, which launched August 24, 2021. |
August 24, 2021 |
AWSBackupFullAccess — Added permission to create service-linked role |
AWS Backup added AWS Backup needed this permission as part of the |
July 5, 2021 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permission to support deletion of DynamoDB recovery points |
AWS Backup added the new action AWS Backup needed this permission to delete DynamoDB tables as part of the
|
July 5, 2021 |
AWSBackupOperatorAccess — Removed redundant actions |
AWS Backup removed the existing actions
AWS Backup did not need both |
May 25, 2021 |
AWSBackupOperatorPolicy — Removed redundant actions |
AWS Backup removed the existing actions
AWS Backup did not need both |
May 25, 2021 |
AWSBackupServiceRolePolicyForRestores — Added permission to apply tags to Amazon FSx restores |
AWS Backup added the new action AWS Backup needed this permission to apply tags to Amazon FSx file systems as part of
the |
May 24, 2021 |
AWSBackupServiceRolePolicyForRestores — Added permission to perform Amazon EC2 restores |
AWS Backup added the new actions AWS Backup needed this permission to restore Amazon EC2 instances from recovery points
as part of the |
May 24, 2021 |
AWSBackupServiceRolePolicyForBackup — Added permission to perform Amazon FSx cross-Region and cross-account copies |
AWS Backup added the new action AWS Backup needed this permission to copy Amazon FSx recovery points across Regions
and accounts as part of the |
April 12, 2021 |
AWSBackupServiceLinkedRolePolicyForBackup — Added permission to perfrom Amazon FSx cross-Region and cross-account copies |
AWS Backup added the new action AWS Backup needed this permission to copy Amazon FSx recovery points across Regions
and accounts as part of the |
April 12, 2021 |
AWSBackupServiceRolePolicyForBackup — Added permissions to support encrypted DynamoDB table backup |
AWS Backup updated its AWS managed policies to comply with the following requirement: For AWS Backup to create a backup of an encrypted DynamoDB table, you must add the
permissions |
March 10, 2021 |
AWSBackupFullAccess — Added permissions to support Amazon RDS continuous backups and point-in-time restore |
AWS Backup updated its AWS managed policy to comply with the following requirements: To use AWS Backup to configure continuous backups for your Amazon RDS database, verify
the API permission To restore Amazon RDS continuous backups, you must add the permission
In the AWS Backup console, to describe the range of times available for
point-in-time recovery, you must include the
|
March 10, 2021 |
AWS Backup started tracking changes |
AWS Backup started tracking changes for its AWS-managed policies. |
March 10, 2021 |