AWS IAM documentation change
Summary
Updated terminology from 'federated user' to 'AWS STS federated user principal' and 'federated principal', clarifying identity federation mechanisms
Security assessment
The changes refine terminology around federated access but do not address vulnerabilities or introduce new security controls. The updates improve accuracy by specifying AWS Security Token Service (STS) integration and broader identity federation concepts, which are normal documentation improvements rather than security fixes.
Diff
diff --git a/IAM/latest/UserGuide/intro-structure.md b/IAM/latest/UserGuide/intro-structure.md index 2997b3d33..5c1427ee3 100644 --- a//IAM/latest/UserGuide/intro-structure.md +++ b//IAM/latest/UserGuide/intro-structure.md @@ -11 +11 @@ AWS Identity and Access Management provides the infrastructure necessary to cont -First, a human user or an application uses their sign-in credentials to authenticate with AWS. IAM matches the sign-in credentials to a principal (an IAM user, federated user, IAM role, or application) trusted by the AWS account and authenticates permission to access AWS. +First, a human user or an application uses their sign-in credentials to authenticate with AWS. IAM matches the sign-in credentials to a principal (an IAM user, AWS STS federated user principal, IAM role, or application) trusted by the AWS account and authenticates permission to access AWS. @@ -44 +44 @@ A principal signs in to AWS using their credentials which IAM authenticates to p - * **Federated user** – Your identity provider authenticates you and passes your credentials to AWS, you don't have to sign-in directly to AWS. Both IAM Identity Center and IAM support federated users. + * **Federated principal** – Your identity provider authenticates you and passes your credentials to AWS, you don't have to sign-in directly to AWS. Both IAM Identity Center and IAM support identity federation.