AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-01-19 · Documentation high

File: cli/latest/reference/sagemaker/update-notebook-instance-lifecycle-config.md

Summary

Added a security note about lifecycle configurations executing with root access and IAM role privileges, advising to grant permissions only to trusted principals and follow security best practices.

Security assessment

The change adds documentation about security implications of lifecycle configurations (root access, IAM privileges) and references best practices. While it highlights security risks, there is no indication of addressing a specific existing vulnerability.

Diff

diff --git a/cli/latest/reference/sagemaker/update-notebook-instance-lifecycle-config.md b/cli/latest/reference/sagemaker/update-notebook-instance-lifecycle-config.md
index 35ad12aaa..bef3bd57a 100644
--- a//cli/latest/reference/sagemaker/update-notebook-instance-lifecycle-config.md
+++ b//cli/latest/reference/sagemaker/update-notebook-instance-lifecycle-config.md
@@ -15 +15 @@
-  * [AWS CLI 2.33.1 Command Reference](../../index.html) »
+  * [AWS CLI 2.33.2 Command Reference](../../index.html) »
@@ -60,0 +61,4 @@ Updates a notebook instance lifecycle configuration created with the [CreateNote
+### Note
+
+Updates to lifecycle configurations affect all notebook instances using that configuration upon their next start. Lifecycle configuration scripts execute with root access and the notebook instance’s IAM execution role privileges. Grant this permission only to trusted principals. See [Customize a Notebook Instance Using a Lifecycle Configuration Script](https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html) for security best practices.
+
@@ -325 +329 @@ None
-  * [AWS CLI 2.33.1 Command Reference](../../index.html) »
+  * [AWS CLI 2.33.2 Command Reference](../../index.html) »