AWS sagemaker-unified-studio documentation change
Summary
Added sts:TagSession permission to IAM policy example
Security assessment
Added missing session tagging permission for cross-account access. Improves security documentation but no evidence of vulnerability fix.
Diff
diff --git a/sagemaker-unified-studio/latest/userguide/adding-existing-emr-on-ec2-clusters.md b/sagemaker-unified-studio/latest/userguide/adding-existing-emr-on-ec2-clusters.md index 9fad5a9e6..9f7138679 100644 --- a//sagemaker-unified-studio/latest/userguide/adding-existing-emr-on-ec2-clusters.md +++ b//sagemaker-unified-studio/latest/userguide/adding-existing-emr-on-ec2-clusters.md @@ -115,0 +116,7 @@ If the Amazon SageMaker Unified Studio project uses a different VPC than the Ama + }, + { + "Effect": "Allow", + "Principal": { + "AWS": "project-role-arn" + }, + "Action":"sts:TagSession"