AWS Security ChangesHomeSearch

AWS sagemaker high security documentation change

Service: sagemaker · 2025-06-13 · Security-related high

File: sagemaker/latest/dg/build-and-manage-pipeline.md

Summary

Added warning about avoiding sensitive data in pipeline parameters/step definitions due to visibility in DescribePipeline

Security assessment

Explicitly warns about potential exposure of sensitive information through pipeline metadata, addressing a security best practice. Directly mitigates risk of accidental credential/secret leakage.

Diff

diff --git a/sagemaker/latest/dg/build-and-manage-pipeline.md b/sagemaker/latest/dg/build-and-manage-pipeline.md
index ba66668b9..f8229c8b0 100644
--- a//sagemaker/latest/dg/build-and-manage-pipeline.md
+++ b//sagemaker/latest/dg/build-and-manage-pipeline.md
@@ -21,0 +22,4 @@ An Amazon SageMaker Pipelines instance is composed of a `name`, `parameters`, an
+###### Warning
+
+When building a pipeline through the visual editor or SageMaker AI Python SDK, do not include sensitive information in pipeline parameters or any step definition field (such as environment variables). These fields will be visible in the future when returned in a `DescribePipeline` request.
+