AWS sagemaker-unified-studio medium security documentation change
Summary
Added entries for policy updates to SageMakerStudioProjectProvisioningRolePolicy and SageMakerStudioProjectUserRolePolicy including untag permissions, QuickSight integration, KMS permissions, and policy optimizations
Security assessment
The changes document updates to AWS managed policies including critical security-related permissions: 1) Adding untag role permissions to fix project failures 2) KMS permissions for data connections 3) Modifying RedshiftDbUser restrictions. These directly impact access control and resource permissions.
Diff
diff --git a/sagemaker-unified-studio/latest/adminguide/doc-history.md b/sagemaker-unified-studio/latest/adminguide/doc-history.md index 8ef2578b2..fc5650b71 100644 --- a//sagemaker-unified-studio/latest/adminguide/doc-history.md +++ b//sagemaker-unified-studio/latest/adminguide/doc-history.md @@ -10,0 +11,2 @@ Change| Description| Date +Policy updates - SageMakerStudioProjectProvisioningRolePolicy| Policy updates to the SageMakerStudioProjectProvisioningRolePolicy - adding the untag role permission to fix project update failure. Also adding permissions to integrate with Amazon QuickSight. Also optimizing to reduce the policy size. And adding permissions to enable automatic sync of repositories. For more information, see [Amazon SageMaker Unified Studio updates to AWS managed policies](https://docs.aws.amazon.com/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol.html).| June 4, 2025 +Policy update - SageMakerStudioProjectUserRolePolicy| Policy updates to the SageMakerStudioProjectUserRolePolicy - removing RedshiftDbUser format restriction. Adding KMS permissions required by dependent services for Federated Data Connection. Adding permissions to support Amazon QuickSight integration.For more information, see [Amazon SageMaker Unified Studio updates to AWS managed policies](https://docs.aws.amazon.com/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol.html).| June 4, 2025