AWS Security ChangesHomeSearch

AWS drs documentation change

Service: drs · 2025-10-22 · Documentation low

File: drs/latest/userguide/identity-access-management.md

Summary

Simplified IAM best practices and federated identity definitions, removed redundant details about IAM Identity Center configuration

Security assessment

Changes are editorial improvements to existing security documentation about federated access and IAM Identity Center. No specific vulnerability or incident response is mentioned. The updates maintain security recommendations for temporary credentials and centralized access management but do not introduce new security features or address exploits.

Diff

diff --git a/drs/latest/userguide/identity-access-management.md b/drs/latest/userguide/identity-access-management.md
index d702ffb6b..1a50eea71 100644
--- a//drs/latest/userguide/identity-access-management.md
+++ b//drs/latest/userguide/identity-access-management.md
@@ -17 +17 @@ When you attach a policy to a user or group of users, it allows or denies the us
-As a best practice, require human users, including users that require administrator access, to use federation with an identity provider to access AWS services by using temporary credentials.
+As a best practice, require human users to use federation with an identity provider to access AWS services using temporary credentials.
@@ -19 +19 @@ As a best practice, require human users, including users that require administra
-A _federated identity_ is a user from your enterprise user directory, a web identity provider, the AWS Directory Service, the Identity Center directory, or any user that accesses AWS services by using credentials provided through an identity source. When federated identities access AWS accounts, they assume roles, and the roles provide temporary credentials.
+A _federated identity_ is a user from your enterprise directory, web identity provider, or AWS Directory Service that accesses AWS services using credentials from an identity source. Federated identities assume roles that provide temporary credentials.
@@ -21 +21 @@ A _federated identity_ is a user from your enterprise user directory, a web iden
-For centralized access management, we recommend that you use AWS IAM Identity Center. You can create users and groups in IAM Identity Center, or you can connect and synchronize to a set of users and groups in your own identity source for use across all your AWS accounts and applications. For information about IAM Identity Center, see [What is IAM Identity Center?](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the _AWS IAM Identity Center User Guide_.
+For centralized access management, we recommend AWS IAM Identity Center. For more information, see [What is IAM Identity Center?](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the _AWS IAM Identity Center User Guide_.