AWS Security ChangesHomeSearch

AWS vpn documentation change

Service: vpn · 2025-10-22 · Documentation low

File: vpn/latest/clientvpn-admin/infrastructure-security.md

Summary

Removed details about requiring access keys/IAM credentials and AWS STS for API request signing

Security assessment

The removed content described standard API authentication practices rather than addressing a specific vulnerability. While security-related, this appears to be documentation simplification rather than a response to a security incident. No evidence of vulnerability remediation in the change.

Diff

diff --git a/vpn/latest/clientvpn-admin/infrastructure-security.md b/vpn/latest/clientvpn-admin/infrastructure-security.md
index 6c14a9709..15fee9504 100644
--- a//vpn/latest/clientvpn-admin/infrastructure-security.md
+++ b//vpn/latest/clientvpn-admin/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access Client VPN through the network. Client
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-