AWS sagemaker-unified-studio documentation change
Summary
Added ListFoundationModels permission to IAM policy
Security assessment
Permission expansion for operational functionality (model metadata access) without evidence of addressing a security gap or vulnerability.
Diff
diff --git a/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md b/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md index 992610380..0a2ad7760 100644 --- a//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md +++ b//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md @@ -30,0 +31,8 @@ Provides permissions to consume Amazon Bedrock models, including invoking Amazon + { + "Sid": "ListFoundationModels", + "Effect": "Allow", + "Action": [ + "bedrock:ListFoundationModels" + ], + "Resource": "*" + }, @@ -109,2 +116,0 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -SageMakerStudioQueryExecutionRolePolicy - @@ -112,0 +119,2 @@ SageMakerStudioEMRServiceRolePolicy +SageMakerStudioEMRInstanceRolePolicy +