AWS mediapackage high security documentation change
Summary
Removed details about request signing requirements using IAM credentials and AWS STS
Security assessment
Deletion of critical authentication requirements (access key signing and temporary credentials via STS) removes guidance essential for securing API access. This could lead to insecure implementations if developers are unaware of these security controls, directly impacting authentication security.
Diff
diff --git a/mediapackage/latest/ug/infrastructure-security.md b/mediapackage/latest/ug/infrastructure-security.md index c96dad991..3bf16b6f3 100644 --- a//mediapackage/latest/ug/infrastructure-security.md +++ b//mediapackage/latest/ug/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access MediaPackage through the network. Clie -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -