AWS sagemaker-unified-studio documentation change
Summary
Added policy update granting sagemaker:StartSession and glue:UntagResource permissions
Security assessment
Documents expanded IAM permissions but does not address a specific security vulnerability. The StartSession permission could enable new access patterns but is presented as a feature update.
Diff
diff --git a/sagemaker-unified-studio/latest/adminguide/doc-history.md b/sagemaker-unified-studio/latest/adminguide/doc-history.md index 839c61335..c5a540dcc 100644 --- a//sagemaker-unified-studio/latest/adminguide/doc-history.md +++ b//sagemaker-unified-studio/latest/adminguide/doc-history.md @@ -10,0 +11 @@ Change| Description| Date +Policy updates| Policy updates to SageMakerStudioUserIAMDefaultExecutionPolicy - adding `sagemaker:StartSession` to allow users to connect to a space from the local IDE. Also adding `glue:UntagResource` permission. For more information, see [Amazon SageMaker Unified Studio updates to AWS managed policies](https://docs.aws.amazon.com/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol.html).| October 10, 2025