[question]: Does this require action in our modules?

[fullykubed]

Prior Search

• I have already searched this project's issues to determine if a similar question has already been asked.

What is your question?

The only thing that this would impact is the terraform state backups:

On June 30, 2025, we will be making a change to AWS Backup to validate the existence of the backup:TagResource permission when backup/copy job attempt to add tags to backups. We identified your account has roles used for AWS Backup which are affected by this change. Because we cannot modify your AWS Identity and Access Management (IAM) policies, you must add the backup:TagResource permission to the roles used for backup/copy jobs by September 30, 2025, otherwise those jobs will start failing. Your backup/copy jobs will be successful until this date even though you will receive an error message for the event "TagResource" in your AWS CloudTrail logs.
A list of your role(s) without tagging permission can be found in the 'Affected resources' tab of your AWS Health Dashboard. To add the backup:TagResource permission, please refer to our "API permissions: actions, resources, and conditions reference" user guide [1].
If you have questions or concerns, please reach out to AWS Support [2].
[1] https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#backup-api-permissions-ref
[2] https://aws.amazon.com/support
Sincerely,
Amazon Web Services

Can you verify that no action is needed and/or make the necessary changes?

What primary components of the stack does this relate to?

terraform

Code of Conduct

• I agree to follow this project's Code of Conduct

[fullykubed]

@uptownhr Have you confirmed what action is necessary here? This may impact our state backups, so I need to know with 100% certainty this is working at client sites.

[uptownhr]

Addressed with bf3eebd