AWS Security ChangesHomeSearch

AWS sagemaker-unified-studio medium security documentation change

Service: sagemaker-unified-studio · 2025-03-26 · Security-related medium

File: sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md

Summary

Documented policy updates restricting default Glue database access and adding Bedrock service roles

Security assessment

Explicitly describes security-related policy changes including access restrictions and new role permissions

Diff

diff --git a/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md b/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md
index 0494198d4..7ccec64ce 100644
--- a/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md
+++ b/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md
@@ -10,0 +11,2 @@ Change | Description | Date
+Policy update - [SageMakerStudioProjectUserRolePolicy](https://docs.aws.amazon.com/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy) |  Policy updates to the SageMakerStudioProjectUserRolePolicy - preventing default AWS Glue database from being listed as it causes issues with Spark SQL. Also adding permission to use new project-wide Amazon Bedrock service role for improved scalability. | 3/21/2025  
+Policy update - [SageMakerStudioProjectProvisioningRolePolicy](https://docs.aws.amazon.com/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectProvisioningRolePolicy) |  Policy updates to the SageMakerStudioProjectProvisioningRolePolicy \- adding permission to describe stack event for better error reporting. | 3/21/2025