AWS Security ChangesHomeSearch

AWS location high security documentation change

Service: location · 2025-10-22 · Security-related high

File: location/latest/developerguide/infrastructure-security.md

Summary

Removed content about requiring signed requests with IAM credentials or AWS STS temporary security credentials for API access.

Security assessment

The removed lines explicitly described mandatory security practices (signing requests with IAM credentials or STS tokens) for authenticating API calls. Deleting this documentation could mislead users into believing authentication is optional, increasing the risk of unauthorized access if developers omit these security controls.

Diff

diff --git a/location/latest/developerguide/infrastructure-security.md b/location/latest/developerguide/infrastructure-security.md
index 936f52248..d57866f37 100644
--- a//location/latest/developerguide/infrastructure-security.md
+++ b//location/latest/developerguide/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access Amazon Location through the network. C
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-