AWS devops-guru documentation change
Summary
Removed two sentences explaining the requirement of access keys/AWS STS for signing API requests.
Security assessment
Removal of general security context about API request signing, but no evidence this addresses a specific vulnerability. May streamline documentation assuming redundancy elsewhere.
Diff
diff --git a/devops-guru/latest/userguide/infrastructure-security.md b/devops-guru/latest/userguide/infrastructure-security.md index c47c3a2b4..37311af51 100644 --- a//devops-guru/latest/userguide/infrastructure-security.md +++ b//devops-guru/latest/userguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access DevOps Guru through the network. Clien -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -