AWS iot medium security documentation change
Summary
Changed reference from HTTPS endpoints with certificate authorities to HTTP action destinations
Security assessment
The change replaces 'HTTPS' (which implies encrypted communication) with 'HTTP' in the context of rule action destinations. This removes an implicit security recommendation for encrypted transport, potentially encouraging insecure configurations. HTTPS with certificate authorities helps prevent MITM attacks, while plain HTTP exposes data to interception.
Diff
diff --git a/iot/latest/developerguide/iotevents-rule-action.md b/iot/latest/developerguide/iotevents-rule-action.md index f3da0f766..71b9c29c1 100644 --- a//iot/latest/developerguide/iotevents-rule-action.md +++ b//iot/latest/developerguide/iotevents-rule-action.md @@ -99 +99 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Certificate authorities supported by HTTPS endpoints in topic rule destinations +HTTP action destinations