AWS Security ChangesHomeSearch

AWS amazonswf medium security documentation change

Service: amazonswf · 2025-10-22 · Security-related medium

File: amazonswf/latest/developerguide/infrastructure-security.md

Summary

Removed a sentence about requiring signed requests using access keys or AWS STS temporary credentials

Security assessment

The removed content described fundamental security controls (request signing and temporary credentials). Removing this documentation could lead to misconfigurations by users unaware of authentication requirements, increasing risk of unauthorized access.

Diff

diff --git a/amazonswf/latest/developerguide/infrastructure-security.md b/amazonswf/latest/developerguide/infrastructure-security.md
index 957740fa3..552a51a38 100644
--- a//amazonswf/latest/developerguide/infrastructure-security.md
+++ b//amazonswf/latest/developerguide/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access through the network. Clients must supp
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-