AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-06-13 · Documentation low

File: cli/latest/reference/sagemaker/create-endpoint-config.md

Summary

Updated AWS CLI version and clarified KMS encryption behavior for Nitro-based instances' local storage

Security assessment

Clarifies security feature (encryption) by specifying KmsKeyId doesn't encrypt local storage on Nitro instances, improving documentation of encryption boundaries.

Diff

diff --git a/cli/latest/reference/sagemaker/create-endpoint-config.md b/cli/latest/reference/sagemaker/create-endpoint-config.md
index e9407ec8d..5c0e7c27e 100644
--- a//cli/latest/reference/sagemaker/create-endpoint-config.md
+++ b//cli/latest/reference/sagemaker/create-endpoint-config.md
@@ -15 +15 @@
-  * [AWS CLI 2.35.1 Command Reference](../../index.html) »
+  * [AWS CLI 2.35.3 Command Reference](../../index.html) »
@@ -1425 +1425 @@ JSON Syntax:
-> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can’t request a `KmsKeyId` when using an instance type with local storage. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, do not specify a value for the `KmsKeyId` parameter. If you specify a value for `KmsKeyId` when using any nitro-based instances with local storage, the call to `CreateEndpointConfig` fails.
+> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, the `KmsKeyId` parameter does not encrypt instance local storage.
@@ -3258 +3258 @@ EndpointConfigArn -> (string)
-  * [AWS CLI 2.35.1 Command Reference](../../index.html) »
+  * [AWS CLI 2.35.3 Command Reference](../../index.html) »