AWS mediastore high security documentation change
Summary
Removed requirement for signed API requests using IAM credentials or AWS STS
Security assessment
Deletion of authentication requirements for API access could mislead users about security requirements. Signed requests are fundamental to AWS API security, and removing this documentation creates a potential misconfiguration risk.
Diff
diff --git a/mediastore/latest/ug/infrastructure-security.md b/mediastore/latest/ug/infrastructure-security.md index 453297c8d..3503596e6 100644 --- a//mediastore/latest/ug/infrastructure-security.md +++ b//mediastore/latest/ug/infrastructure-security.md @@ -20,2 +19,0 @@ You use AWS published API calls to access MediaStore through the network. Client -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -