AWS workspaces-web high security documentation change
Summary
Removed guidance about signing API requests with access keys or STS temporary credentials
Security assessment
Deleting instructions for securing API access (authentication via access keys/STS) removes critical security best practices documentation. This omission could lead to insecure configurations if users are unaware of signing requirements, directly impacting authentication security.
Diff
diff --git a/workspaces-web/latest/adminguide/infrastructure-security.md b/workspaces-web/latest/adminguide/infrastructure-security.md index fcd5a6753..4ace7df41 100644 --- a//workspaces-web/latest/adminguide/infrastructure-security.md +++ b//workspaces-web/latest/adminguide/infrastructure-security.md @@ -18,2 +17,0 @@ You use AWS published API calls to access Amazon WorkSpaces Secure Browser throu -Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the [AWS Security Token Service](https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html) (AWS STS) to generate temporary security credentials to sign requests. -