AWS Security ChangesHomeSearch

AWS sagemaker-unified-studio documentation change

Service: sagemaker-unified-studio · 2025-05-31 · Documentation low

File: sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md

Summary

Added ListFoundationModels permission to IAM policy

Security assessment

Permission expansion for operational functionality (model metadata access) without evidence of addressing a security gap or vulnerability.

Diff

diff --git a/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md b/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md
index 992610380..0a2ad7760 100644
--- a//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md
+++ b//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-AmazonDataZoneBedrockModelConsumptionPolicy.md
@@ -30,0 +31,8 @@ Provides permissions to consume Amazon Bedrock models, including invoking Amazon
+    		{
+    			"Sid": "ListFoundationModels",
+    			"Effect": "Allow",
+    			"Action": [
+    				"bedrock:ListFoundationModels"
+    			],
+    			"Resource": "*"
+    		},
@@ -109,2 +116,0 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-SageMakerStudioQueryExecutionRolePolicy
-
@@ -112,0 +119,2 @@ SageMakerStudioEMRServiceRolePolicy
+SageMakerStudioEMRInstanceRolePolicy
+