AWS singlesignon medium security documentation change
Summary
Removed reference to IAM users in federation context, focusing only on IAM federation
Security assessment
The removal of 'or IAM users' suggests discouraging IAM user-based access in favor of federated access, which aligns with security best practices for reducing long-term credentials. This indirectly addresses security by promoting more secure authentication methods.
Diff
diff --git a/singlesignon/latest/userguide/identity-center-for-apps-only.md b/singlesignon/latest/userguide/identity-center-for-apps-only.md index 64ff5c64c..f439864ea 100644 --- a//singlesignon/latest/userguide/identity-center-for-apps-only.md +++ b//singlesignon/latest/userguide/identity-center-for-apps-only.md @@ -11 +11 @@ You can use IAM Identity Center for user access to applications such as Amazon Q -You don’t need to make any changes to your current AWS account workflows to use IAM Identity Center for access to AWS managed applications. If you’re using [federation with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers.html#id_roles_providers_iam) or IAM users for AWS account access, your users can continue to access AWS accounts in the same way they always have, and you can continue to use your existing workflows to manage that access. +You don’t need to make any changes to your current AWS account workflows to use IAM Identity Center for access to AWS managed applications. If you’re using [federation with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers.html#id_roles_providers_iam) for AWS account access, your users can continue to access AWS accounts in the same way they always have, and you can continue to use your existing workflows to manage that access.