AWS solutions documentation change
Summary
Added security-related explanations for access restrictions, SageMaker Studio permissions, LakeFormation requirements, and VPC configurations
Security assessment
The changes document security practices (e.g., role-based access controls, VPC requirements) but do not address a specific security vulnerability. They clarify existing security features.
Diff
diff --git a/solutions/latest/modern-data-architecture-accelerator/troubleshooting.md b/solutions/latest/modern-data-architecture-accelerator/troubleshooting.md index 8996fd4ce..db0553f54 100644 --- a//solutions/latest/modern-data-architecture-accelerator/troubleshooting.md +++ b//solutions/latest/modern-data-architecture-accelerator/troubleshooting.md @@ -17 +17 @@ Known issue resolution provides instructions to mitigate known errors. If these -**Reason:** ??? +**Reason:** For security purposes, data upload permissions to the bucket are restricted to users with the data-admin role. Standard admin users do not have upload privileges. @@ -38,3 +38 @@ Known issue resolution provides instructions to mitigate known errors. If these -**Reason:** - -??? +**Reason:** To set up a data science environment in SageMaker Studio, a unique user profile is needed with a unique name. This profile will grant the user permission to access and launch SageMaker Studio resources. @@ -72 +70 @@ Known issue resolution provides instructions to mitigate known errors. If these -**Reason:** ??? +**Reason:** LakeFormation expects a datascience.yaml to create datascience related configurations @@ -129,0 +128,2 @@ Known issue resolution provides instructions to mitigate known errors. If these +**Reason:** vpc_id and subnet_id are needed to create a secure data environment within the vpc +