AWS autoscaling high security documentation change
Summary
Removed details about API request signing requirements using access keys or AWS STS
Security assessment
Removal of authentication requirements documentation creates security risk by omitting essential API security practices. Directly weakens security guidance.
Diff
diff --git a/autoscaling/plans/userguide/infrastructure-security.md b/autoscaling/plans/userguide/infrastructure-security.md index 16659857f..cc6e8d21d 100644 --- a//autoscaling/plans/userguide/infrastructure-security.md +++ b//autoscaling/plans/userguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access AWS Auto Scaling through the network. -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -