AWS Security ChangesHomeSearch

AWS dms medium security documentation change

Service: dms · 2025-10-22 · Security-related medium

File: dms/latest/userguide/infrastructure-security.md

Summary

Removed section explaining API request signing requirements using access keys/STS credentials

Security assessment

The removed content specified mandatory request signing with IAM credentials or STS tokens, a fundamental AWS security requirement. Deleting this could mislead users about authentication requirements, potentially leading to insecure API configurations. However, AWS services might still enforce signing at the API level regardless of documentation.

Diff

diff --git a/dms/latest/userguide/infrastructure-security.md b/dms/latest/userguide/infrastructure-security.md
index 3633011c0..189294052 100644
--- a//dms/latest/userguide/infrastructure-security.md
+++ b//dms/latest/userguide/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access AWS DMS through the network. Clients m
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-