AWS Security ChangesHomeSearch

AWS opsworks high security documentation change

Service: opsworks · 2025-10-22 · Security-related high

File: opsworks/latest/userguide/infrastructure-security-opscm.md

Summary

Removed details about API request signing requirements using access keys or AWS STS temporary credentials

Security assessment

Deleting instructions about authentication mechanisms (access keys and STS) could lead to insecure configurations if users are unaware of mandatory request signing requirements. This directly impacts security documentation completeness.

Diff

diff --git a/opsworks/latest/userguide/infrastructure-security-opscm.md b/opsworks/latest/userguide/infrastructure-security-opscm.md
index e8fabbe73..30ecaf9f1 100644
--- a//opsworks/latest/userguide/infrastructure-security-opscm.md
+++ b//opsworks/latest/userguide/infrastructure-security-opscm.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access OpsWorks CM through the network. Clien
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-