AWS Security ChangesHomeSearch

AWS codeguru high security documentation change

Service: codeguru · 2025-10-22 · Security-related high

File: codeguru/latest/profiler-ug/infrastructure-security.md

Summary

Removed statement about requiring access keys/STS for signing API requests to CodeGuru Profiler.

Security assessment

Deleting the requirement for request signing undermines a core AWS security practice. This could mislead users into believing authentication is optional, creating a critical security risk for API access.

Diff

diff --git a/codeguru/latest/profiler-ug/infrastructure-security.md b/codeguru/latest/profiler-ug/infrastructure-security.md
index d2c80f143..290c65197 100644
--- a//codeguru/latest/profiler-ug/infrastructure-security.md
+++ b//codeguru/latest/profiler-ug/infrastructure-security.md
@@ -22,2 +21,0 @@ You use AWS published API calls to access CodeGuru Profiler through the network.
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-