AWS Security ChangesHomeSearch

AWS singlesignon documentation change

Service: singlesignon · 2026-03-16 · Documentation low

File: singlesignon/latest/userguide/awsapps-that-work-with-identity-center.md

Summary

Added note about multi-region deployment with customer managed KMS keys, updated application support matrix for various AWS services, and fixed footnote numbering

Security assessment

The added note about customer managed KMS keys mentions security-related encryption configuration, but does not indicate remediation of a vulnerability. The changes primarily document application integration capabilities rather than address security flaws.

Diff

diff --git a/singlesignon/latest/userguide/awsapps-that-work-with-identity-center.md b/singlesignon/latest/userguide/awsapps-that-work-with-identity-center.md
index a039edbe6..bf5282ee8 100644
--- a//singlesignon/latest/userguide/awsapps-that-work-with-identity-center.md
+++ b//singlesignon/latest/userguide/awsapps-that-work-with-identity-center.md
@@ -21,0 +22,4 @@ All of the AWS managed applications in the following table integrate with [organ
+###### Note
+
+Applications that support deployment in additional Regions of IAM Identity Center also support IAM Identity Center configured with a customer managed KMS key. Every AWS managed application listed here supports deployment in the primary Region. For more information, see [Deploying and managing AWS managed applications across multiple AWS Regions](./multi-region-application-use.html#multi-region-aws-managed-applications).
+
@@ -25 +29 @@ Amazon Athena SQL |  Yes |  Yes |  Yes |  No
-Amazon CodeCatalyst |  Yes |  No |  No |  No  
+Amazon CodeCatalyst |  Yes |  No |  Yes |  No  
@@ -26,0 +31 @@ Amazon DataZone |  Yes |  Yes |  Yes |  No
+Amazon EKS Capabilities |  Yes |  Yes |  Yes |  No  
@@ -36 +40,0 @@ Amazon OpenSearch Service Serverless Service |  Yes |  Yes |  Yes |  No
-OpenSearch user interface (Dashboards) |  Yes |  Yes |  Yes |  No  
@@ -38 +41,0 @@ Amazon Q Business |  Yes |  Yes |  Yes |  No
-Kiro |  Yes(1) |  Yes |  Yes |  No  
@@ -40 +43 @@ Amazon Quick |  Yes |  Yes |  Yes |  No
-Amazon Redshift |  Yes(2) |  Yes |  Yes |  No  
+Amazon Redshift |  Yes2 |  Yes |  Yes |  No  
@@ -42 +44,0 @@ Amazon S3 Access Grants |  Yes |  Yes |  Yes |  Yes
-Amazon SageMaker Unified Studio |  Yes |  Yes |  Yes |  No  
@@ -43,0 +46 @@ Amazon SageMaker Studio |  No |  Yes |  Yes |  No
+Amazon SageMaker Unified Studio |  Yes |  Yes |  Yes |  No  
@@ -55 +58 @@ AWS Supply Chain |  Yes |  No |  Yes |  No
-AWS Systems Manager |  No |  No |  Yes |  Yes - Fleet Manager  
+AWS Systems Manager |  No |  No |  Yes |  Yes - Fleet Manager Remote Desktop  
@@ -58,0 +62 @@ AWS Verified Access |  No |  No |  Yes |  No
+Kiro |  Yes1 |  Yes |  Yes |  No  
@@ -59,0 +64 @@ Multi-party approval |  No |  Yes |  Yes |  No
+OpenSearch user interface (Dashboards) |  Yes |  Yes |  Yes |  No  
@@ -61 +66 @@ Multi-party approval |  No |  Yes |  Yes |  No
-(1) For Kiro, account instances of IAM Identity Center are supported unless your users require access to the full set of Kiro features on AWS websites. For more information, see [Setting up Kiro](https://docs.aws.amazon.com/amazonq/latest/qdeveloper-ug/getting-started-q-dev.html) in the _Kiro User Guide_.
+1 For Kiro, account instances of IAM Identity Center are supported unless your users require access to the full set of Kiro features on AWS websites. For more information, see [Setting up Kiro](https://docs.aws.amazon.com/amazonq/latest/qdeveloper-ug/getting-started-q-dev.html) in the _Kiro User Guide_.
@@ -63 +68 @@ Multi-party approval |  No |  Yes |  Yes |  No
-(2) For Amazon Redshift, account instances of IAM Identity Center are supported except for applications like Query Editor v2 that require permission sets, which are not supported by account instances.
+2 For Amazon Redshift, account instances of IAM Identity Center are supported except for applications like Query Editor v2 that require permission sets, which are not supported by account instances.