AWS mediapackage documentation change
Summary
Removed details about signing API requests with access keys or temporary STS credentials.
Security assessment
The omission of authentication requirements could lead to misunderstandings about securing API access. However, there is no concrete evidence this change addresses a reported security vulnerability. It reduces clarity but does not directly introduce or fix a security issue.
Diff
diff --git a/mediapackage/latest/userguide/infrastructure-security.md b/mediapackage/latest/userguide/infrastructure-security.md index 405f00e1b..3281d99f6 100644 --- a//mediapackage/latest/userguide/infrastructure-security.md +++ b//mediapackage/latest/userguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access MediaPackage through the network. Clie -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -