AWS Security ChangesHomeSearch

AWS sagemaker-unified-studio documentation change

Service: sagemaker-unified-studio · 2026-03-22 · Documentation medium

File: sagemaker-unified-studio/latest/adminguide/concepts.md

Summary

Added warning about Git connections granting all users in the account read/write access to all repositories, regardless of project membership or permission level, and recommends using separate AWS accounts for isolation.

Security assessment

This change adds a security warning about the broad access model of Git connections in SageMaker Unified Studio. It does not indicate a specific security vulnerability being fixed, but rather documents a security consideration for administrators. The warning helps prevent unintended data exposure by informing users about the lack of repository-level isolation within an account.

Diff

diff --git a/sagemaker-unified-studio/latest/adminguide/concepts.md b/sagemaker-unified-studio/latest/adminguide/concepts.md
index 1b6edaddb..4ce68207e 100644
--- a//sagemaker-unified-studio/latest/adminguide/concepts.md
+++ b//sagemaker-unified-studio/latest/adminguide/concepts.md
@@ -144,0 +145,2 @@ Git connections enable you to check in and check out files, and manage your code
+When you enable a Git connection, all users who can sign in to any domain in the account have read and write access to all repositories on that connection. This access applies regardless of the user's project membership or permission level. To enforce isolation between repositories, use separate AWS accounts.
+