AWS Security ChangesHomeSearch

AWS opensearch-service documentation change

Service: opensearch-service · 2026-07-07 · Documentation low

File: opensearch-service/latest/developerguide/application-enable-SAML-identity-federation.md

Summary

Added note about IAM Identity Center integration replacing SAML for AWS-native SSO

Security assessment

Clarifies security best practices for authentication. Promotes more secure AWS-native solution but doesn't fix specific vulnerability.

Diff

diff --git a/opensearch-service/latest/developerguide/application-enable-SAML-identity-federation.md b/opensearch-service/latest/developerguide/application-enable-SAML-identity-federation.md
index c48c86515..bacbb8e1e 100644
--- a//opensearch-service/latest/developerguide/application-enable-SAML-identity-federation.md
+++ b//opensearch-service/latest/developerguide/application-enable-SAML-identity-federation.md
@@ -14,0 +15,4 @@ This topic presents step-by-step instructions for configuring SAML use with Open
+###### Note
+
+If you use AWS IAM Identity Center, you do not need to configure SAML federation as described in this topic. OpenSearch UI supports IAM Identity Center natively, which provides SSO access without additional SAML configuration. IAM Identity Center also supports organization-level user and group management. The SAML integration described here is intended for third-party identity providers (such as Okta, Azure Active Directory, and Ping) that are not IAM Identity Center.
+