AWS waf medium security documentation change
Summary
Removed a sentence explaining the requirement to sign requests with IAM access keys or AWS STS temporary credentials.
Security assessment
The deleted content described a security-critical authentication mechanism (IAM access keys and AWS STS). Removing this documentation could lead to misconfigurations if users are unaware of these requirements, potentially weakening authentication practices.
Diff
diff --git a/waf/latest/developerguide/fms-infrastructure-security.md b/waf/latest/developerguide/fms-infrastructure-security.md index 0fec487b8..843000699 100644 --- a//waf/latest/developerguide/fms-infrastructure-security.md +++ b//waf/latest/developerguide/fms-infrastructure-security.md @@ -22,2 +21,0 @@ You use AWS published API calls to access Firewall Manager through the network. -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -