AWS whitepapers documentation change
Summary
Added JSON placeholders and updated KMS ARN example
Security assessment
Includes logging encryption configuration example but no direct vulnerability fix
Diff
diff --git a/whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md b/whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md index ad17f1578..1b47d2b8a 100644 --- a//whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md +++ b//whitepapers/latest/sagemaker-studio-admin-best-practices/logging-and-monitoring.md @@ -28,0 +29,6 @@ For SageMaker AI to send logs to CloudWatch on your behalf, the caller of the Tr +JSON + + +**** + + @@ -54,0 +62,6 @@ To encrypt those logs with a custom AWS KMS key, you will first need to modify t +JSON + + +**** + + @@ -74 +87 @@ To encrypt those logs with a custom AWS KMS key, you will first need to modify t - "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:region:account-id:*" + "kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:us-east-1:111122223333:*" @@ -82,0 +97,6 @@ Note that you can always use `ArnEquals` and provide a specific [Amazon Resource +JSON + + +**** + +