AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-08-10 · Documentation low

File: AmazonS3/latest/userguide/using-presigned-url.md

Summary

Clarified that presigned URLs use IAM principal credentials instead of generic 'AWS user'

Security assessment

Terminology update improves accuracy but does not change security functionality or address vulnerabilities.

Diff

diff --git a/AmazonS3/latest/userguide/using-presigned-url.md b/AmazonS3/latest/userguide/using-presigned-url.md
index a70e9aac2..fa554f984 100644
--- a//AmazonS3/latest/userguide/using-presigned-url.md
+++ b//AmazonS3/latest/userguide/using-presigned-url.md
@@ -9 +9 @@ Who can create a presigned URLExpiration time for presigned URLsLimiting presign
-You can use presigned URLs to grant time-limited access to objects in Amazon S3 without updating your bucket policy. A presigned URL can be entered in a browser or used by a program to download an object. The credentials used by the presigned URL are those of the AWS user who generated the URL.
+You can use presigned URLs to grant time-limited access to objects in Amazon S3 without updating your bucket policy. A presigned URL can be entered in a browser or used by a program to download an object. The credentials used by the presigned URL are those of the AWS Identity and Access Management (IAM) principal who generated the URL.