From 6e334028387b8db569c72a4d9ca62a477a3cdd8f Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 13 Nov 2025 12:31:03 +0000
Subject: [PATCH 1/2] Initial plan


From 56c8fc6d86caf06ec2cda6de01cae6bc940057b7 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 13 Nov 2025 12:34:03 +0000
Subject: [PATCH 2/2] Fix trust policy example to reference EC2 instance role
 instead of target role

Co-authored-by: radoslawszulgo <175048287+radoslawszulgo@users.noreply.github.com>
---
 docs/manage/automate-s3-access.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/manage/automate-s3-access.md b/docs/manage/automate-s3-access.md
index cf461273..04610979 100644
--- a/docs/manage/automate-s3-access.md
+++ b/docs/manage/automate-s3-access.md
@@ -28,7 +28,7 @@ You can configure Percona Backup for MongoDB to assume an IAM role. To make this
 
     *   **Trust Policy**: The trust policy of the target role must allow the EC2 instance's role to assume it.
 
-        For example, if your EC2 instance role is `arn:aws:iam::EC2_ACCOUNT_ID:role/pbm-target-role`, use the following trust policy for your target role:
+        For example, if your EC2 instance role is `arn:aws:iam::EC2_ACCOUNT_ID:role/pbm-ec2-instance-role`, use the following trust policy for your target role:
 
         ```json
         {
@@ -37,14 +37,14 @@ You can configure Percona Backup for MongoDB to assume an IAM role. To make this
                 {
                     "Effect": "Allow",
                     "Principal": {
-                        "AWS": "arn:aws:iam::EC2_ACCOUNT_ID:role/pbm-target-role"
+                        "AWS": "arn:aws:iam::EC2_ACCOUNT_ID:role/pbm-ec2-instance-role"
                     },
                     "Action": "sts:AssumeRole"
                 }
             ]
         }
         ```
-        > Remember to replace `EC2_ACCOUNT_ID` and `pbm-target-role` with the account ID and role name of your EC2 instance.
+        > Remember to replace `EC2_ACCOUNT_ID` and `pbm-ec2-instance-role` with the account ID and role name of your EC2 instance.
 
     *   **Permissions Policy**: The target role must have a permissions policy attached that grants the necessary S3 access for PBM.