AWS tnb high security documentation change
Summary
Removed critical details about API request signing requirements using IAM access keys or AWS STS temporary credentials.
Security assessment
Omitting authentication requirements for API calls removes guidance essential for secure implementation. This could lead to insecure configurations if developers skip credential management. Direct impact on authentication security controls documentation.
Diff
diff --git a/tnb/latest/ug/infrastructure-security.md b/tnb/latest/ug/infrastructure-security.md index 8ed9449d6..57dc97983 100644 --- a//tnb/latest/ug/infrastructure-security.md +++ b//tnb/latest/ug/infrastructure-security.md @@ -20,2 +19,0 @@ You use AWS published API calls to access AWS TNB through the network. Clients m -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -