AWS Security ChangesHomeSearch

AWS cloud9 high security documentation change

Service: cloud9 · 2025-10-22 · Security-related high

File: cloud9/latest/user-guide/infrastructure-security.md

Summary

Removed critical details about API request signing requirements (access keys/STS temporary credentials)

Security assessment

Deleting authentication requirements for API calls removes essential security guidance. This could mislead users into thinking authentication is optional, creating potential for unauthorized access. The removed content specifically addressed fundamental security controls (credential requirements).

Diff

diff --git a/cloud9/latest/user-guide/infrastructure-security.md b/cloud9/latest/user-guide/infrastructure-security.md
index 082a8c67f..3f85a8291 100644
--- a//cloud9/latest/user-guide/infrastructure-security.md
+++ b//cloud9/latest/user-guide/infrastructure-security.md
@@ -20,2 +19,0 @@ You use AWS published API calls to access AWS Cloud9 through the network. Client
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-