AWS CMK Encryption

Veeam Backup for AWS allows you to back up, replicate and restore data of an RDS instance encrypted with AWS Key Management Service (AWS KMS) customer master keys (CMKs) and an EC2 instance whose EBS volumes are encrypted with AWS KMS CMKs. Additionally, you can encrypt unencrypted data and change CMKs used to encrypt data when performing the following operations:

If you back up, replicate and restore data of an unencrypted RDS instance or EC2 instance, and want to encrypt the backed-up or restored data, the IAM role that Veeam Backup for AWS uses to perform the operation requires permissions to access a CMK with which you want to encrypt the data.

If you back up, replicate and restore data of an encrypted RDS instance or an EC2 instance that has encrypted EBS volumes, depending on the operation performed with the instance, the IAM role that Veeam Backup for AWS uses for the operation requires specific permissions on CMKs. To learn what permissions must be assigned to the IAM role, see:

To learn how to grant permissions on a CMK to an IAM role, see this Veeam KB article.

I want to report a typo

There is a misspelling right here:

 

I want to let the Veeam Documentation Team know about that.