AWS directoryservice high security documentation change
Summary
Removed details about API request signing requirements and temporary security credentials
Security assessment
Deletion of critical authentication requirements (access keys, secret keys, STS) removes security best practice documentation. This could lead to insecure implementations if users are unaware of signing requirements.
Diff
diff --git a/directoryservice/latest/admin-guide/infrastructure-security.md b/directoryservice/latest/admin-guide/infrastructure-security.md index 6d276b0b1..3123322bf 100644 --- a//directoryservice/latest/admin-guide/infrastructure-security.md +++ b//directoryservice/latest/admin-guide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access AWS Directory Service through the netw -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -