Trusted identity propagation with Studio
Trusted identity propagation is an Amazon IAM Identity Center feature that administrators of connected Amazon services can use to grant and audit access to service data. Access to this data is based on user attributes such as group associations. Setting up trusted identity propagation requires collaboration between the administrators of connected Amazon services and the IAM Identity Center administrator. For more information, see Prerequisites and considerations.
The Amazon SageMaker Studio and IAM Identity Center administrators can collaborate to connect the services for trusted identity propagation. Trusted identity propagation addresses enterprise authentication needs across Amazon services by simplifying:
- Enhanced auditing that tracks actions to specific users
- Access management for data science and machine learning workloads through integration with compatible Amazon services
- Compliance requirements in regulated industries
Studio supports trusted identity propagation for audit purposes and access control with connected Amazon services. Trusted identity propagation in Studio does not directly handle authentication or authorization decisions within Studio itself. Instead, it propagates identity context information to compatible services that can use this information for access control.
When you use trusted identity propagation with Studio, your IAM Identity Center identity propagates to connected Amazon services, creating more granular permissions and security governance.
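The auditing benefit described above can be checked from CloudTrail records. The following is an added example, not part of the original documentation. It assumes that calls made with propagated identity context carry an `onBehalfOf` object (`userId`, `identityStoreArn`) inside `userIdentity`; the sample events, role name, account ID, user IDs and the choice of Athena and S3 as the called services are constructed placeholders.

```python
from collections import defaultdict

# Constructed sample records (not real logs). Only the fields used below are kept.
ROLE = "arn:aws:sts::111122223333:assumed-role/StudioExecRole-PLACEHOLDER/session"
STORE = "arn:aws:identitystore::111122223333:identitystore/d-PLACEHOLDER"
SAMPLE_EVENTS = [
    {"eventSource": "athena.amazonaws.com", "eventName": "StartQueryExecution",
     "userIdentity": {"type": "AssumedRole", "arn": ROLE,
                      "onBehalfOf": {"userId": "user-aaaa", "identityStoreArn": STORE}}},
    {"eventSource": "athena.amazonaws.com", "eventName": "GetQueryResults",
     "userIdentity": {"type": "AssumedRole", "arn": ROLE,
                      "onBehalfOf": {"userId": "user-bbbb", "identityStoreArn": STORE}}},
    # Same execution role, but no identity context: cannot be tied to a person.
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "userIdentity": {"type": "AssumedRole", "arn": ROLE}},
    {"eventSource": "athena.amazonaws.com", "eventName": "StopQueryExecution",
     "userIdentity": {"type": "AssumedRole", "arn": ROLE,
                      "onBehalfOf": {"userId": "user-aaaa", "identityStoreArn": STORE}}},
]


def attribute_events(events):
    """Split events into per-user actions and actions lacking identity context.

    Returns (by_user, unattributed):
      by_user      -- {IAM Identity Center userId: ["source:eventName", ...]}
      unattributed -- [(caller ARN, "source:eventName"), ...] for review
    """
    by_user = defaultdict(list)
    unattributed = []
    for event in events:
        identity = event.get("userIdentity") or {}
        on_behalf_of = identity.get("onBehalfOf") or {}
        action = f'{event.get("eventSource", "unknown")}:{event.get("eventName", "unknown")}'
        user_id = on_behalf_of.get("userId")
        if user_id:
            by_user[user_id].append(action)
        else:
            # Role-only call: the shared execution role is the only principal on record.
            unattributed.append((identity.get("arn", "unknown"), action))
    return dict(by_user), unattributed


if __name__ == "__main__":
    users, gaps = attribute_events(SAMPLE_EVENTS)
    for user_id, actions in users.items():
        print(user_id, actions)
    print("no identity context:", gaps)
```

Records that land in the unattributed list show only the shared execution role, so they are the ones to review when per-user audit coverage is a requirement.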