AWS sagemaker-unified-studio documentation change
Summary
Updated CloudFormation reference and added Amazon MWAA permissions requirement
Security assessment
The change adds Amazon MWAA permissions and adjusts branding for CloudFormation. No security-related context or fixes are explicitly mentioned.
Diff
diff --git a/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioUserIAMPermissiveExecutionPolicy.md b/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioUserIAMPermissiveExecutionPolicy.md index 065afedb3..bfeb0c8f4 100644 --- a//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioUserIAMPermissiveExecutionPolicy.md +++ b//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioUserIAMPermissiveExecutionPolicy.md @@ -9 +9 @@ This is an execution policy for using IAM roles with Amazon SageMaker Unified St -This policy provides full access to all APIs and resources for services used in Amazon SageMaker Unified Studio, such as Amazon CloudWatch Logs AWS Glue, Amazon Redshift, Amazon Redshift Data API, Amazon Redshift Serverless, Amazon S3, Amazon Athena, Amazon Bedrock, Amazon CodeWhisperer, Amazon DataZone, Amazon Q, Amazon SageMaker AI, AWS SQL Workbench, Amazon EventBridge Scheduler, and AWS CloudFormation. +This policy provides full access to all APIs and resources for services used in Amazon SageMaker Unified Studio, such as Amazon CloudWatch Logs AWS Glue, Amazon Redshift, Amazon Redshift Data API, Amazon Redshift Serverless, Amazon S3, Amazon Athena, Amazon Bedrock, Amazon CodeWhisperer, Amazon DataZone, Amazon Q, Amazon SageMaker AI, AWS SQL Workbench, Amazon EventBridge Scheduler, and CloudFormation. @@ -28,0 +29,2 @@ Additional access is provided for the following services: + * Amazon MWAA permissions are required to manage and schedule workflows. +