AWS marketplace high security documentation change
Summary
Added note requiring use of temporary AWS credentials via IAM roles for EC2 instances in AMI-based products with custom metering, explicitly prohibiting long-term access keys.
Security assessment
Explicit guidance to use temporary credentials (security best practice) reduces risk of long-term key exposure. Prohibition of long-term keys directly addresses credential management security concerns.
Diff
diff --git a/marketplace/latest/userguide/custom-metering-with-mp-metering-service.md b/marketplace/latest/userguide/custom-metering-with-mp-metering-service.md index b61dadce1..5688338d4 100644 --- a//marketplace/latest/userguide/custom-metering-with-mp-metering-service.md +++ b//marketplace/latest/userguide/custom-metering-with-mp-metering-service.md @@ -8,0 +9,4 @@ RequirementsCall AWS Marketplace Metering Service Failure handling Limitations C +###### Note + +For AMI-based products with custom metering pricing, your software must call the [MeterUsage API](https://docs.aws.amazon.com/marketplace/latest/APIReference/API_marketplace-metering_MeterUsage.html) using temporary AWS credentials of the IAM role for Amazon Elastic Compute Cloud attached to the Amazon EC2 instance. Using long-term access keys is not supported. +