AWS codeartifact high security documentation change
Summary
Removed explanation about request signing requirements using IAM credentials or STS
Security assessment
Deletion of authentication mechanism details (access keys, secret keys, STS) weakens documentation of security-critical API access controls. This could lead to insecure implementations if developers aren't aware of required request signing
Diff
diff --git a/codeartifact/latest/ug/infrastructure-security.md b/codeartifact/latest/ug/infrastructure-security.md index f6870106b..198e1d063 100644 --- a//codeartifact/latest/ug/infrastructure-security.md +++ b//codeartifact/latest/ug/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access CodeArtifact through the network. Clie -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -