AWS detective documentation change
Summary
Removed documentation about requiring signed API requests using IAM access keys or AWS STS temporary credentials
Security assessment
The removed lines described standard security practices (request signing with credentials) but their deletion doesn't indicate a specific security vulnerability being addressed. This appears to be documentation simplification rather than a response to a security incident. However, removing security-related guidance could reduce clarity about authentication requirements.
Diff
diff --git a/detective/latest/userguide/infrastructure-security.md b/detective/latest/userguide/infrastructure-security.md index b499131bc..9d535de3a 100644 --- a//detective/latest/userguide/infrastructure-security.md +++ b//detective/latest/userguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access Detective; through the network. Client -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -