AWS Security ChangesHomeSearch

AWS sagemaker documentation change

Service: sagemaker · 2025-10-16 · Documentation medium

File: sagemaker/latest/dg/trustedidentitypropagation-compatibility.md

Summary

Added clarification about assumed roles not propagating identity context in Studio notebooks

Security assessment

Documents a security-relevant limitation of identity propagation but does not address a specific vulnerability. Enhances understanding of security feature behavior.

Diff

diff --git a/sagemaker/latest/dg/trustedidentitypropagation-compatibility.md b/sagemaker/latest/dg/trustedidentitypropagation-compatibility.md
index 4abe294ae..373676f81 100644
--- a//sagemaker/latest/dg/trustedidentitypropagation-compatibility.md
+++ b//sagemaker/latest/dg/trustedidentitypropagation-compatibility.md
@@ -53,0 +54,2 @@ Trusted identity propagation works with the following Studio features:
+  * When you use assume role operations within Studio notebooks, the assumed roles don't propagate trusted identity propagation context. Only the original execution role maintains the identity context.
+