AWS Security ChangesHomeSearch

AWS whitepapers documentation change

Service: whitepapers · 2025-10-25 · Documentation medium

File: whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md

Summary

Added JSON placeholders and updated KMS ARN example

Security assessment

Includes logging encryption configuration example but no direct vulnerability fix

Diff

diff --git a/whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md b/whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md
index ad17f1578..1b47d2b8a 100644
--- a//whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md
+++ b//whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md
@@ -28,0 +29,6 @@ For SageMaker AI to send logs to CloudWatch on your behalf, the caller of the Tr
+JSON
+    
+
+****
+    
+    
@@ -54,0 +62,6 @@ To encrypt those logs with a custom AWS KMS key, you will first need to modify t
+JSON
+    
+
+****
+    
+    
@@ -74 +87 @@ To encrypt those logs with a custom AWS KMS key, you will first need to modify t
-                        "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:region:account-id:*"
+                        "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:us-east-1:111122223333:*"
@@ -82,0 +97,6 @@ Note that you can always use `ArnEquals` and provide a specific [Amazon Resource
+JSON
+    
+
+****
+    
+