AWS Security ChangesHomeSearch

AWS iot-sitewise high security documentation change

Service: iot-sitewise · 2025-10-22 · Security-related high

File: iot-sitewise/latest/userguide/infrastructure-security.md

Summary

Removed documentation about requiring signed requests using IAM access keys or AWS STS temporary credentials

Security assessment

The removed lines specifically described fundamental security requirements for API access (signed requests with IAM credentials or STS). Removing this documentation could lead to misconfigurations where users might assume authentication isn't required, creating potential unauthorized access risks.

Diff

diff --git a/iot-sitewise/latest/userguide/infrastructure-security.md b/iot-sitewise/latest/userguide/infrastructure-security.md
index 0741cf5c0..2d9938af6 100644
--- a//iot-sitewise/latest/userguide/infrastructure-security.md
+++ b//iot-sitewise/latest/userguide/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access AWS IoT SiteWise through the network.
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-