AWS sagemaker-unified-studio medium security documentation change
Summary
Added policy update entries documenting permission changes for SageMakerStudioProjectUserRolePolicy
Security assessment
Explicitly documents security-related policy changes including removal of S3 bucket listing permissions, EMR termination capabilities, and security group modification permissions. This constitutes security documentation updates about IAM policy hardening.
Diff
diff --git a/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md b/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md index f65ec8b11..a0709b37b 100644 --- a//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md +++ b//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-updates.md @@ -10,0 +11,2 @@ Change | Description | Date +Policy update - [SageMakerStudioProjectUserRolePolicy ](https://docs.aws.amazon.com/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy ) | Policy updates to the SageMakerStudioProjectUserRolePolicy - bring back previously removed permission to `ListBucket` to fix issues in AWS Glue sessions and connections. | 6/13/2025 +Policy update - [SageMakerStudioProjectUserRolePolicy](https://docs.aws.amazon.com/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy) | Policy updates to the SageMakerStudioProjectUserRolePolicy - adding permissions to list Amazon Bedrock foundation models. Removing permissions to terminate EMR Cluster, change security group rules, Amazon Athena default catalog permissions, and list S3 buckets permissions at bucket level. | 6/13/2025