AWS sagemaker documentation change
Summary
Added specific IAM policy reference for Canvas permissions
Security assessment
Clarifies required IAM permissions for access control but does not indicate remediation of a security vulnerability
Diff
diff --git a/sagemaker/latest/dg/canvas-q.md b/sagemaker/latest/dg/canvas-q.md index f66c8b94f..937fce2fe 100644 --- a//sagemaker/latest/dg/canvas-q.md +++ b//sagemaker/latest/dg/canvas-q.md @@ -103 +103 @@ Make sure that you have a Canvas application set up. For information about how t -To access Q Developer while using Canvas, you must attach the necessary permissions to the AWS IAM role used for your SageMaker AI domain or user profile. You can do this through the console or by manually attaching an AWS managed policy. +To access Q Developer while using Canvas, you must attach the necessary permissions to the AWS IAM role used for your SageMaker AI domain or user profile. You can do this through the console described in this section. If you encounter any permissions issues due to using the console method, then manually attach the AWS managed policy [ AmazonSageMakerCanvasSMDataScienceAssistantAccess](https://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol-canvas.html#security-iam-awsmanpol-AmazonSageMakerCanvasSMDataScienceAssistantAccess) to the IAM role.