AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2026-05-16 · Documentation medium

File: securityhub/latest/userguide/sagemaker-controls.md

Summary

Added new control [SageMaker.18] requiring SageMaker feature group online stores with standard storage to be encrypted with AWS KMS keys

Security assessment

This change introduces a new security control for encrypting online stores but does not reference any specific vulnerability or incident. It enhances data protection documentation without addressing a known security flaw.

Diff

diff --git a/securityhub/latest/userguide/sagemaker-controls.md b/securityhub/latest/userguide/sagemaker-controls.md
index 9e5a05fd5..014f8c215 100644
--- a//securityhub/latest/userguide/sagemaker-controls.md
+++ b//securityhub/latest/userguide/sagemaker-controls.md
@@ -7 +7 @@
-[SageMaker.1] Amazon SageMaker notebook instances should not have direct internet access[SageMaker.2] SageMaker notebook instances should be launched in a custom VPC[SageMaker.3] Users should not have root access to SageMaker notebook instances[SageMaker.4] SageMaker endpoint production variants should have an initial instance count greater than 1[SageMaker.5] SageMaker models should have network isolation enabled[SageMaker.6] SageMaker app image configurations should be tagged[SageMaker.7] SageMaker images should be tagged[SageMaker.8] SageMaker notebook instances should run on supported platforms[SageMaker.9] SageMaker data quality job definitions should have inter-container traffic encryption enabled[SageMaker.10] SageMaker model explainability job definitions should have inter-container traffic encryption enabled[SageMaker.11] SageMaker data quality job definitions should have network isolation enabled[SageMaker.12] SageMaker model bias job definitions should have network isolation enabled[SageMaker.13] SageMaker model quality job definitions should have inter-container traffic encryption enabled[SageMaker.14] SageMaker monitoring schedules should have network isolation enabled[SageMaker.15] SageMaker model bias job definitions should have inter-container traffic encryption enabled[SageMaker.16] SageMaker models should use private registry in VPC for primary containers[SageMaker.17] SageMaker feature group offline stores should be encrypted with AWS KMS keys[SageMaker.19] SageMaker models should use private registry in VPC for multi-container inference pipelines
+[SageMaker.1] Amazon SageMaker notebook instances should not have direct internet access[SageMaker.2] SageMaker notebook instances should be launched in a custom VPC[SageMaker.3] Users should not have root access to SageMaker notebook instances[SageMaker.4] SageMaker endpoint production variants should have an initial instance count greater than 1[SageMaker.5] SageMaker models should have network isolation enabled[SageMaker.6] SageMaker app image configurations should be tagged[SageMaker.7] SageMaker images should be tagged[SageMaker.8] SageMaker notebook instances should run on supported platforms[SageMaker.9] SageMaker data quality job definitions should have inter-container traffic encryption enabled[SageMaker.10] SageMaker model explainability job definitions should have inter-container traffic encryption enabled[SageMaker.11] SageMaker data quality job definitions should have network isolation enabled[SageMaker.12] SageMaker model bias job definitions should have network isolation enabled[SageMaker.13] SageMaker model quality job definitions should have inter-container traffic encryption enabled[SageMaker.14] SageMaker monitoring schedules should have network isolation enabled[SageMaker.15] SageMaker model bias job definitions should have inter-container traffic encryption enabled[SageMaker.16] SageMaker models should use private registry in VPC for primary containers[SageMaker.17] SageMaker feature group offline stores should be encrypted with AWS KMS keys[SageMaker.18] SageMaker feature group online stores with standard storage should be encrypted with AWS KMS keys[SageMaker.19] SageMaker models should use private registry in VPC for multi-container inference pipelines
@@ -423,0 +424,24 @@ For information on enabling encryption at rest for SageMaker Feature Store offli
+## [SageMaker.18] SageMaker feature group online stores with standard storage should be encrypted with AWS KMS keys
+
+**Related requirements:** NIST.800-53.r5 AU-9, NIST.800-53.r5 CA-9(1), NIST.800-53.r5 CM-3(6), NIST.800-53.r5 SC-7(10), NIST.800-53.r5 SC-12(2), NIST.800-53.r5 SC-13, NIST.800-53.r5 SC-28, NIST.800-53.r5 SC-28(1), NIST.800-53.r5 SI-7(6)
+
+**Category:** Protect > Data protection > Encryption of data at rest
+
+**Severity:** Medium
+
+**Resource type:** `AWS::SageMaker::FeatureGroup`
+
+**AWS Config rule:** [sagemaker-featuregroup-online-store-encryption](https://docs.aws.amazon.com/config/latest/developerguide/sagemaker-featuregroup-online-store-encryption.html)
+
+**Schedule type:** Change triggered
+
+**Parameters:** None
+
+This control checks whether an Amazon SageMaker online store for a feature group with standard storage is encrypted at rest with an AWS KMS key. The control fails if KMS key encryption is not configured for the online store.
+
+Using customer-managed AWS KMS keys for encryption at rest of SageMaker feature group online stores provides enhanced security. Customer-managed KMS keys give you full control over encryption key lifecycle and key policies. Additionally, all encryption key usage can be logged and monitored through AWS CloudTrail for auditability.
+
+### Remediation
+
+For information on enabling encryption at rest for SageMaker Feature Store online stores using AWS KMS customer-managed keys, see [Security and access control](https://docs.aws.amazon.com/sagemaker/latest/dg/feature-store-security.html) in the _Amazon SageMaker AI Developer Guide_.
+