AWS singlesignon documentation change
Summary
Added details about enabling trusted identity propagation, CloudTrail monitoring, and session termination capabilities
Security assessment
Documents security-adjacent features (session management and monitoring) but does not address specific vulnerabilities
Diff
diff --git a/singlesignon/latest/userguide/user-background-sessions.md b/singlesignon/latest/userguide/user-background-sessions.md index 5a9dfa9b3..5f2451191 100644 --- a//singlesignon/latest/userguide/user-background-sessions.md +++ b//singlesignon/latest/userguide/user-background-sessions.md @@ -8,0 +9,2 @@ User background sessions allow a user to initiate a long-running job on an AWS m +User background sessions are enabled by default for supported AWS managed applications such as Amazon SageMaker Studio. To use this capability, however, you must enable trusted identity propagation in Amazon SageMaker Studio when you create or update a domain. For more information, see [Enable trusted identity propagation in your Amazon SageMaker AI domain](https://docs.aws.amazon.com/sagemaker/latest/dg/trustedidentitypropagation-setup.html#trustedidentitypropagation-setup-enable). + @@ -16,0 +19,4 @@ Keep in mind the following considerations for user background sessions: + * You can view user background sessions in CloudTrail. For information, see [Identifying user background session details](./sso-cloudtrail-use-cases.html#identifying-user-background-session-details). + + * You can also end active sessions for a user in your organization. For information, see [End active sessions for your workforce users](./end-active-sessions.html). + @@ -49 +55 @@ Changes to session duration apply only to new sessions. Current sessions keep th -A customer managed application can't create a user background session.. +A customer managed application can't create a user background session.