AWS AWSCloudFormation high security documentation change
Summary
Removed details about API request signing requirements using IAM credentials or AWS STS
Security assessment
The deleted lines explicitly described fundamental security controls (authentication via access keys and temporary credentials). Removing this documentation could lead to misconfigurations by omitting critical security implementation details for API access.
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/infrastructure-security.md b/AWSCloudFormation/latest/UserGuide/infrastructure-security.md index 187a90c9f..821648a5f 100644 --- a//AWSCloudFormation/latest/UserGuide/infrastructure-security.md +++ b//AWSCloudFormation/latest/UserGuide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access AWS CloudFormation through the network -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -