AWS clean-rooms high security documentation change
Summary
Removed explanation about requiring signed API requests using IAM credentials or AWS STS temporary security credentials.
Security assessment
Omitting details about credential signing requirements removes critical authentication guidance. This could lead users to misconfigure API access controls, increasing risk of unauthorized access. The deleted content directly relates to securing API interactions.
Diff
diff --git a/clean-rooms/latest/userguide/infrastructure-security.md b/clean-rooms/latest/userguide/infrastructure-security.md index 1f6a4d8a4..94a816b5f 100644 --- a//clean-rooms/latest/userguide/infrastructure-security.md +++ b//clean-rooms/latest/userguide/infrastructure-security.md @@ -20,2 +19,0 @@ You use AWS published API calls to access AWS Clean Rooms through the network. C -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -