AWS Security ChangesHomeSearch

AWS personalize high security documentation change

Service: personalize · 2025-10-22 · Security-related high

File: personalize/latest/dg/infrastructure-security.md

Summary

Removed paragraph about request signing requirements using access keys or STS

Security assessment

The removed content described fundamental security controls for API access. Deleting this information without replacement could lead to misconfigurations, though there's no explicit evidence of a specific vulnerability being addressed. The change impacts security documentation completeness.

Diff

diff --git a/personalize/latest/dg/infrastructure-security.md b/personalize/latest/dg/infrastructure-security.md
index c9dba3f86..026e3bc68 100644
--- a//personalize/latest/dg/infrastructure-security.md
+++ b//personalize/latest/dg/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access Amazon Personalize through the network
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-