AWS Security ChangesHomeSearch

AWS frauddetector high security documentation change

Service: frauddetector · 2025-10-22 · Security-related high

File: frauddetector/latest/ug/infrastructure-security.md

Summary

Removed details about API request signing requirements using access keys or STS temporary credentials

Security assessment

The deleted lines specifically described critical security controls for API authentication. Removing this documentation could lead to insecure implementations by omitting guidance about credential requirements and temporary security tokens, which are fundamental to AWS security practices.

Diff

diff --git a/frauddetector/latest/ug/infrastructure-security.md b/frauddetector/latest/ug/infrastructure-security.md
index 769a1b79c..0392837b9 100644
--- a//frauddetector/latest/ug/infrastructure-security.md
+++ b//frauddetector/latest/ug/infrastructure-security.md
@@ -20,2 +19,0 @@ You use AWS published API calls to access Amazon Fraud Detector through the netw
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-