AWS organizations documentation change
Summary
Removed a sentence explaining that requests must be signed using access keys or temporary credentials from AWS STS
Security assessment
The removed content was general authentication guidance rather than addressing a specific vulnerability. While it relates to security practices, there's no evidence this change fixes a security issue or weakness.
Diff
diff --git a/organizations/latest/userguide/orgs_security_infrastructure.md b/organizations/latest/userguide/orgs_security_infrastructure.md index 8a43cfcae..390514990 100644 --- a//organizations/latest/userguide/orgs_security_infrastructure.md +++ b//organizations/latest/userguide/orgs_security_infrastructure.md @@ -18,2 +17,0 @@ You use AWS published API calls to access Organizations through the network. Cli -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -