AWS Security ChangesHomeSearch

AWS codecommit high security documentation change

Service: codecommit · 2025-10-22 · Security-related high

File: codecommit/latest/userguide/data-protection.md

Summary

Removed content about requiring signed requests with IAM credentials or AWS STS temporary security credentials

Security assessment

This change deletes critical information about mandatory request signing and IAM credential requirements, which are fundamental security controls. Removing this documentation could mislead users into thinking authentication mechanisms are optional, creating potential for insecure configurations and unauthorized access.

Diff

diff --git a/codecommit/latest/userguide/data-protection.md b/codecommit/latest/userguide/data-protection.md
index 994f825ad..4757bdbb5 100644
--- a//codecommit/latest/userguide/data-protection.md
+++ b//codecommit/latest/userguide/data-protection.md
@@ -20,2 +19,0 @@ You use AWS published API calls to access through the network. Clients must supp
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-