AWS Security ChangesHomeSearch

AWS app-mesh medium security documentation change

Service: app-mesh · 2025-10-22 · Security-related medium

File: app-mesh/latest/userguide/infrastructure-security.md

Summary

Removed statement about requiring access key signatures or STS temporary credentials for API requests.

Security assessment

Deleting authentication requirements documentation could lead to misconfiguration risks. The removed content explicitly described fundamental security controls (request signing) that prevent unauthorized access.

Diff

diff --git a/app-mesh/latest/userguide/infrastructure-security.md b/app-mesh/latest/userguide/infrastructure-security.md
index 7b4253722..bb76292f2 100644
--- a//app-mesh/latest/userguide/infrastructure-security.md
+++ b//app-mesh/latest/userguide/infrastructure-security.md
@@ -22,2 +21,0 @@ You use AWS published API calls to access App Mesh through the network. Clients
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-