AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2026-07-10 · Documentation high

File: securityhub/latest/userguide/exposure-sagemaker-notebook-instance.md

Summary

Expanded documentation to include detailed descriptions of impact traits for SageMaker notebook instances, adding 16 new privilege escalation patterns and remediation guidance. Restructured content to separate misconfiguration and impact traits.

Security assessment

The changes add comprehensive documentation about privilege escalation patterns and attack vectors (e.g., credential minting, trust policy hijack, data ransomware) but don't indicate a specific security vulnerability being fixed. The additions proactively educate about security risks without referencing a patched issue.

Diff

diff --git a/securityhub/latest/userguide/exposure-sagemaker-notebook-instance.md b/securityhub/latest/userguide/exposure-sagemaker-notebook-instance.md
index 423a6a59c..5a540c817 100644
--- a//securityhub/latest/userguide/exposure-sagemaker-notebook-instance.md
+++ b//securityhub/latest/userguide/exposure-sagemaker-notebook-instance.md
@@ -7 +7 @@
-Misconfiguration traits for Amazon SageMaker notebook instances
+Misconfiguration traits for Amazon SageMaker notebook instancesImpact traits for Amazon SageMaker notebook instances
@@ -31 +31 @@ The remediation guidance provided in this topic might require additional consult
-    * [The role associated with the Amazon SageMaker notebook instance has an administrative access policy](./exposure-sagemaker-notebook-instance.html#administrative-access-policy)
+  * [Impact traits for Amazon SageMaker notebook instances](./exposure-sagemaker-notebook-instance.html#sagemaker-impact)
@@ -33 +33,31 @@ The remediation guidance provided in this topic might require additional consult
-    * [The role associated with the Amazon SageMaker notebook instance has a service-level administrative access policy](./exposure-sagemaker-notebook-instance.html#service-admin-policy)
+    * [Full control privileged executor](./exposure-sagemaker-notebook-instance.html#full-control-privileged-executor)
+
+    * [Direct policy escalation](./exposure-sagemaker-notebook-instance.html#direct-policy-escalation)
+
+    * [Trust policy hijack](./exposure-sagemaker-notebook-instance.html#trust-policy-hijack)
+
+    * [Data ransomware](./exposure-sagemaker-notebook-instance.html#data-ransomware)
+
+    * [Remove restriction](./exposure-sagemaker-notebook-instance.html#remove-restriction)
+
+    * [Pass role create executor](./exposure-sagemaker-notebook-instance.html#pass-role-create-executor)
+
+    * [Swap role existing executor](./exposure-sagemaker-notebook-instance.html#swap-role-existing-executor)
+
+    * [Role chain escalation](./exposure-sagemaker-notebook-instance.html#role-chain-escalation)
+
+    * [Inject code privileged executor](./exposure-sagemaker-notebook-instance.html#inject-code-privileged-executor)
+
+    * [Disable audit trail](./exposure-sagemaker-notebook-instance.html#disable-audit-trail)
+
+    * [Access existing executor](./exposure-sagemaker-notebook-instance.html#access-existing-executor)
+
+    * [Credential minting](./exposure-sagemaker-notebook-instance.html#credential-minting)
+
+    * [Pass role data access](./exposure-sagemaker-notebook-instance.html#pass-role-data-access)
+
+    * [Pass role task hijack](./exposure-sagemaker-notebook-instance.html#pass-role-task-hijack)
+
+    * [Single hop data access](./exposure-sagemaker-notebook-instance.html#single-hop-data-access)
+
+    * [Capability advancing](./exposure-sagemaker-notebook-instance.html#capability-advancing)
@@ -66 +96,55 @@ If root access is required for specific tasks, consider using Amazon SageMaker S
-### The role associated with the Amazon SageMaker notebook instance has an administrative access policy
+## Impact traits for Amazon SageMaker notebook instances
+
+Impact traits describe the potential blast radius of an exposure. Security Hub analyzes the effective permissions of the AWS Identity and Access Management principal associated with the SageMaker notebook instance to determine the downstream resources an attacker could reach if the notebook instance is compromised. Each impact trait identifies a specific privilege escalation pattern. To reduce your blast radius, review the permission paths described in each trait and remove any unnecessary privileges.
+
+Following standard security principles, AWS recommends that you grant least privilege — only the permissions required to perform a task. Replace broad policies with scoped-down policies that grant only the specific actions and resources needed. To identify unused permissions to remove, use IAM Access Analyzer to generate recommendations based on access history. For more information, see [Findings for external and unused access](https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-findings.html) and [Apply least-privilege permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege) in the _IAM User Guide_.
+
+### Full control privileged executor
+
+The associated principal can pass a role to and inject code into a compute resource that already has elevated permissions. This allows the principal to gain full control over the executor and perform any action that the executor's role permits.
+
+### Direct policy escalation
+
+The associated principal can directly modify IAM policies to grant itself additional permissions, escalating its own privileges without intermediate resources.
+
+### Trust policy hijack
+
+The associated principal can modify the trust policy of an IAM role to allow itself to assume that role, gaining the role's permissions.
+
+### Data ransomware
+
+The associated principal can encrypt or delete data in a way that could be used for ransomware, such as encrypting Amazon S3 objects with a customer-managed AWS KMS key and then modifying the key policy.
+
+### Remove restriction
+
+The associated principal can remove security restrictions such as permission boundaries, service control policies, or resource-based policy deny statements, expanding what other principals or the resource itself can do.
+
+### Pass role create executor
+
+The associated principal can create a new compute resource (such as a Lambda function or Amazon EC2 instance) and pass it a privileged role, effectively laundering its own permissions through the new resource.
+
+### Swap role existing executor
+
+The associated principal can change the IAM role attached to an existing compute resource, replacing it with a more privileged role to escalate access.
+
+### Role chain escalation
+
+The associated principal can assume a sequence of roles, where each role in the chain has progressively broader permissions, ultimately reaching a highly privileged role.
+
+### Inject code privileged executor
+
+The associated principal can inject code into a running compute resource that has elevated permissions, executing arbitrary operations under that resource's privileged role.
+
+### Disable audit trail
+
+The associated principal can disable logging or monitoring services such as CloudTrail, effectively covering its tracks during or after an escalation.
+
+### Access existing executor
+
+The associated principal can invoke or connect to an existing compute resource and use its attached role to perform privileged actions.
+
+### Credential minting
+
+The associated principal can create new long-term credentials (such as access keys or login profiles) for other principals, establishing persistent access paths that survive password rotations or session expirations.
+
+### Pass role data access
@@ -68 +152 @@ If root access is required for specific tasks, consider using Amazon SageMaker S
-The execution role attached to the notebook instance has a policy that grants administrative access to your AWS account. If the notebook is compromised, an attacker can leverage the role credentials to access and modify any resource in the account. Following security best practices, AWS recommends applying the principle of least privilege to notebook execution roles. 
+The associated principal can create a service resource and pass it a role that has access to sensitive data, gaining indirect access to that data through the new resource.
@@ -70 +154 @@ The execution role attached to the notebook instance has a policy that grants ad
-###### Scope down the execution role
+### Pass role task hijack
@@ -72 +156 @@ The execution role attached to the notebook instance has a policy that grants ad
-Review the IAM policies attached to the notebook's execution role. Remove `AdministratorAccess` or overly broad policies and replace them with policies that grant only the permissions required for your notebook's workflows. For guidance on creating scoped Amazon SageMaker roles, see [Amazon SageMaker roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) in the _Amazon SageMaker Developer Guide_. 
+The associated principal can pass a role to a scheduled or event-driven task (such as a Lambda function triggered by an event), allowing it to execute arbitrary code with that role's permissions.
@@ -74 +158 @@ Review the IAM policies attached to the notebook's execution role. Remove `Admin
-### The role associated with the Amazon SageMaker notebook instance has a service-level administrative access policy
+### Single hop data access
@@ -76 +160 @@ Review the IAM policies attached to the notebook's execution role. Remove `Admin
-The execution role attached to the notebook instance has a policy that grants full access to one or more AWS services (for example, `s3:*` or `ec2:*`). If the notebook is compromised, an attacker can leverage the role credentials to access or modify resources within those services. Following security best practices, AWS recommends scoping service permissions to only the specific actions and resources required. 
+The associated principal can directly access sensitive data resources (such as Amazon S3 buckets or DynamoDB tables) through its existing permissions, without needing intermediate escalation steps.
@@ -78 +162 @@ The execution role attached to the notebook instance has a policy that grants fu
-###### Restrict service-level permissions
+### Capability advancing
@@ -80 +164 @@ The execution role attached to the notebook instance has a policy that grants fu
-Review the IAM policies attached to the notebook's execution role. Replace wildcard service actions (such as `s3:*`) with specific actions required for your workflow (such as `s3:GetObject` and `s3:PutObject` on specific bucket ARNs). For guidance on creating scoped policies, see [Creating IAM policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html) in the _IAM User Guide_. 
+The associated principal has a privilege escalation path that advances its overall capabilities beyond what its directly assigned permissions would suggest. This is a general classification for paths that do not match a more specific pattern.
@@ -90 +174 @@ Remediating exposures for Amazon S3 buckets
-Unused access findings
+Remediating exposures for Azure virtual machines