AWS AmazonS3 documentation change
Summary
Clarified that presigned URLs use IAM principal credentials instead of generic 'AWS user'
Security assessment
Terminology update improves accuracy but does not change security functionality or address vulnerabilities.
Diff
diff --git a/AmazonS3/latest/userguide/using-presigned-url.md b/AmazonS3/latest/userguide/using-presigned-url.md index a70e9aac2..fa554f984 100644 --- a//AmazonS3/latest/userguide/using-presigned-url.md +++ b//AmazonS3/latest/userguide/using-presigned-url.md @@ -9 +9 @@ Who can create a presigned URLExpiration time for presigned URLsLimiting presign -You can use presigned URLs to grant time-limited access to objects in Amazon S3 without updating your bucket policy. A presigned URL can be entered in a browser or used by a program to download an object. The credentials used by the presigned URL are those of the AWS user who generated the URL. +You can use presigned URLs to grant time-limited access to objects in Amazon S3 without updating your bucket policy. A presigned URL can be entered in a browser or used by a program to download an object. The credentials used by the presigned URL are those of the AWS Identity and Access Management (IAM) principal who generated the URL.