[Documentation] Security page recommends using IAM Users, which conflicts with current IAM recommendations #4089
Labels
documentation
This is a problem with documentation.
feature-request
This issue requests a feature.
needs-review
p2
This is a standard priority issue
Describe the issue
The security page in the documentation currently says:
This is somewhat out-of-date and conflicts with the latest IAM best practices, which recommend using federated authentication with MFA (for human identities) and IAM roles with temporary credentials (for machine identities). Machine identities running outside AWS are a bit less straightforward, but even then there are options to avoid the use of IAM Users with long-term credentials - e.g. IAM Roles Anywhere allows use of X.509 client certificates to obtain temporary IAM credentials.
Links
https://boto3.amazonaws.com/v1/documentation/api/latest/guide/security.html
The text was updated successfully, but these errors were encountered: