AWS license-manager high security documentation change
Summary
Removed details about API request signing requirements using access keys or AWS STS
Security assessment
Deletion of critical security documentation about authentication requirements could lead to insecure implementations. The removed content specifically explained mandatory security controls (access key signing and temporary credentials) for API access, which are fundamental to AWS security practices.
Diff
diff --git a/license-manager/latest/userguide/infrastructure-security.md b/license-manager/latest/userguide/infrastructure-security.md index 6b60c100c..7f3cae0ac 100644 --- a//license-manager/latest/userguide/infrastructure-security.md +++ b//license-manager/latest/userguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access License Manager through the network. C -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -