AWS guardduty high security documentation change
Summary
Removed documentation about request signing requirements using access keys or AWS STS temporary credentials
Security assessment
The deleted content described fundamental security controls for API access authentication. Removing this guidance could lead to insecure implementations if users are unaware of credential requirements, directly impacting authentication security.
Diff
diff --git a/guardduty/latest/ug/infrastructure-security.md b/guardduty/latest/ug/infrastructure-security.md index 21d262629..dc0163a86 100644 --- a//guardduty/latest/ug/infrastructure-security.md +++ b//guardduty/latest/ug/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access GuardDuty through the network. Clients -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -