AWS Security ChangesHomeSearch

AWS forecast medium security documentation change

Service: forecast · 2025-10-22 · Security-related medium

File: forecast/latest/dg/infrastructure-security.md

Summary

Removed documentation about requirement to sign requests with IAM credentials or AWS STS temporary security credentials

Security assessment

The removed content described fundamental security controls for API access authentication. Removing this documentation could lead to misunderstandings about security requirements, potentially resulting in insecure implementations. While not fixing a specific vulnerability, the change impacts security documentation integrity.

Diff

diff --git a/forecast/latest/dg/infrastructure-security.md b/forecast/latest/dg/infrastructure-security.md
index c223a863e..c17085c2a 100644
--- a//forecast/latest/dg/infrastructure-security.md
+++ b//forecast/latest/dg/infrastructure-security.md
@@ -20,2 +19,0 @@ You use AWS published API calls to access Forecast through the network. Clients
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-