AWS Security ChangesHomeSearch

AWS sagemaker documentation change

Service: sagemaker · 2025-08-25 · Documentation medium

File: sagemaker/latest/dg/remote-access-remote-setup.md

Summary

Added clarification about IAM credential usage for remote IDE connections and opt-out instructions

Security assessment

Documents authentication method details and security controls (RemoteAccess conditional key) but does not address a specific vulnerability. Enhances security awareness rather than fixing an existing issue.

Diff

diff --git a/sagemaker/latest/dg/remote-access-remote-setup.md b/sagemaker/latest/dg/remote-access-remote-setup.md
index 8f0cd3ceb..4f709e379 100644
--- a//sagemaker/latest/dg/remote-access-remote-setup.md
+++ b//sagemaker/latest/dg/remote-access-remote-setup.md
@@ -13 +13 @@ Different connection methods require different IAM permissions. Configure the ap
-  1. Choose one of the following connection method permissions that align with your users’ [Connection methods](./remote-access.html#remote-access-connection-methods)
+###### Important
@@ -15 +15,5 @@ Different connection methods require different IAM permissions. Configure the ap
-  2. [Create a custom IAM policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html) based on the connection method permission
+Currently remote IDE connections are authenticated using IAM credentials, not IAM Identity Center. This applies for domains that use the IAM Identity Center [authentication method](https://docs.aws.amazon.com/sagemaker/latest/dg/onboard-custom.html#onboard-custom-authentication-details) for your users to access the domain. If you prefer not to use IAM authentication for remote connections, you can opt-out by disabling this feature using the `RemoteAccess` conditional key in your IAM policies. For more information, see [Remote access enforcement](./remote-access-remote-setup-abac.html#remote-access-remote-setup-abac-remote-access-enforcement).
+
+  1. Choose one of the following connection method permissions that align with your users’ [Connection methods](./remote-access.html#remote-access-connection-methods).
+
+  2. [Create a custom IAM policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html) based on the connection method permission.