AWS Security ChangesHomeSearch

AWS vpn high security documentation change

Service: vpn · 2025-10-22 · Security-related high

File: vpn/latest/s2svpn/infrastructure-security.md

Summary

Removed content about requiring signed API requests using access keys or AWS STS temporary credentials

Security assessment

The removed lines specifically described fundamental security requirements for authenticating API calls to AWS VPN services. Removing this guidance could lead to developers misunderstanding authentication requirements, potentially resulting in unsigned API requests and unauthorized access. This directly impacts security posture by omitting critical credential management information.

Diff

diff --git a/vpn/latest/s2svpn/infrastructure-security.md b/vpn/latest/s2svpn/infrastructure-security.md
index af4eda476..3d01dd9af 100644
--- a//vpn/latest/s2svpn/infrastructure-security.md
+++ b//vpn/latest/s2svpn/infrastructure-security.md
@@ -18,2 +17,0 @@ You use AWS published API calls to access Site-to-Site VPN through the network.
-Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests.
-