AWS location high security documentation change
Summary
Removed content about requiring signed requests with IAM credentials or AWS STS temporary security credentials for API access.
Security assessment
The removed lines explicitly described mandatory security practices (signing requests with IAM credentials or STS tokens) for authenticating API calls. Deleting this documentation could mislead users into believing authentication is optional, increasing the risk of unauthorized access if developers omit these security controls.
Diff
diff --git a/location/latest/developerguide/infrastructure-security.md b/location/latest/developerguide/infrastructure-security.md index 936f52248..d57866f37 100644 --- a//location/latest/developerguide/infrastructure-security.md +++ b//location/latest/developerguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access Amazon Location through the network. C -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -