AWS iot-fleetwise medium security documentation change
Summary
Removed details about request signing requirements using IAM credentials/AWS STS
Security assessment
Deletion of security-critical documentation about requiring signed API requests with IAM credentials or temporary security credentials removes explicit guidance for secure access control. This could lead to insecure implementations if developers are unaware of authentication requirements.
Diff
diff --git a/iot-fleetwise/latest/developerguide/infrastructure-security.md b/iot-fleetwise/latest/developerguide/infrastructure-security.md index 98faf9f01..50c7853e7 100644 --- a//iot-fleetwise/latest/developerguide/infrastructure-security.md +++ b//iot-fleetwise/latest/developerguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access AWS IoT FleetWise through the network. -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -