AWS Security ChangesHomeSearch

AWS amplify high security documentation change

Service: amplify · 2025-10-22 · Security-related high

File: amplify/latest/userguide/infrastructure-security.md

Summary

Removed details about request signing requirements using IAM access keys or AWS STS temporary credentials

Security assessment

Deletion of authentication requirements documentation could lead to insecure implementations. The removed content specifically described mandatory security controls (request signing) critical for API security.

Diff

diff --git a/amplify/latest/userguide/infrastructure-security.md b/amplify/latest/userguide/infrastructure-security.md
index d0ad7a6f0..328416fbe 100644
--- a//amplify/latest/userguide/infrastructure-security.md
+++ b//amplify/latest/userguide/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access Amplify through the network. Clients m
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-