AWS Security ChangesHomeSearch

AWS pinpoint high security documentation change

Service: pinpoint · 2025-10-22 · Security-related high

File: pinpoint/latest/archguide/security-infrastructure-security.md

Summary

Removed a paragraph explaining that API requests must be signed using IAM access keys or temporary credentials from AWS STS

Security assessment

The removed content described fundamental security controls (access key signing and STS) required for API authentication. Omitting this critical authentication guidance could lead developers to implement insecure API access patterns without proper credential validation.

Diff

diff --git a/pinpoint/latest/archguide/security-infrastructure-security.md b/pinpoint/latest/archguide/security-infrastructure-security.md
index e96067008..a95324055 100644
--- a//pinpoint/latest/archguide/security-infrastructure-security.md
+++ b//pinpoint/latest/archguide/security-infrastructure-security.md
@@ -20,2 +19,0 @@ You use AWS published API calls to access Amazon Pinpoint through the network. C
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-