AWS Security ChangesHomeSearch

AWS AmazonECR high security documentation change

Service: AmazonECR · 2025-10-22 · Security-related high

File: AmazonECR/latest/userguide/infrastructure-security.md

Summary

Removed details about request signing using access keys and AWS STS temporary credentials

Security assessment

The deletion of authentication requirements (signing requests with access keys or STS) removes critical security guidance. This omission could lead to insecure configurations if users are unaware of mandatory request signing, directly impacting authentication practices.

Diff

diff --git a/AmazonECR/latest/userguide/infrastructure-security.md b/AmazonECR/latest/userguide/infrastructure-security.md
index 43e232900..79efaf32e 100644
--- a//AmazonECR/latest/userguide/infrastructure-security.md
+++ b//AmazonECR/latest/userguide/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access Amazon ECR through the network. Client
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-