AWS security-lake high security documentation change
Summary
Removed details about request signing requirements using access keys or AWS STS
Security assessment
Deletion of authentication security controls documentation could lead to insecure implementations. The removed content specifically described fundamental security practices for API access
Diff
diff --git a/security-lake/latest/userguide/infrastructure-security.md b/security-lake/latest/userguide/infrastructure-security.md index ffbc166ae..6fdff58fc 100644 --- a//security-lake/latest/userguide/infrastructure-security.md +++ b//security-lake/latest/userguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access Security Lake through the network. Cli -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -