AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-05-03 · Documentation low

File: AmazonS3/latest/userguide/acl-overview.md

Summary

Added end-of-support notice for Email Grantee ACLs with timeline and error warnings

Security assessment

This change announces deprecation of a feature (Email Grantee ACLs) but does not address an active security vulnerability or weakness. The notice focuses on service lifecycle management rather than mitigating security risks.

Diff

diff --git a/AmazonS3/latest/userguide/acl-overview.md b/AmazonS3/latest/userguide/acl-overview.md
index c4602781a..67a46811e 100644
--- a//AmazonS3/latest/userguide/acl-overview.md
+++ b//AmazonS3/latest/userguide/acl-overview.md
@@ -62,0 +63,8 @@ An ACL can have up to 100 grants.
+###### Important
+
+End of support notice: Beginning October 1, 2025, Amazon S3 will discontinue support for creating new Email Grantee Access Control Lists (ACL). Email Grantee ACLs created prior to this date will continue to work and remain accessible through the AWS Management Console, Command Line Interface (CLI), SDKs, and REST API. However, you will no longer be able to create new Email Grantee ACLs.
+
+Between July 1, 2025 and October 1, 2025, you will begin to see an increasing rate of `HTTP 405` errors for requests to Amazon S3 when attempting to create new Email Grantee ACLs.
+
+This change affects the following AWS Regions: US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland), and South America (São Paulo).
+