AWS sagemaker-unified-studio documentation change
Summary
Separated EMR and KMS permissions documentation. Added explicit KMS requirements for customer-managed keys.
Security assessment
Restructures documentation to emphasize encryption capabilities (security feature) but lacks evidence of patching a specific security weakness.
Diff
diff --git a/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md b/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md index d7e5fb9b8..24790aeb4 100644 --- a//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md +++ b//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md @@ -31 +31 @@ You can't create new projects with AWS CodeCommit. Existing projects that were c - * Amazon EMR permissions are required for users to create and access Amazon EMR clusters. AWS KMS permissions are required to use CMK in the various services integrated with Amazon SageMaker Unified Studio. + * Amazon EMR permissions are required for users to create and access Amazon EMR clusters. @@ -38,0 +39,2 @@ You can't create new projects with AWS CodeCommit. Existing projects that were c + * AWS KMS permissions are required to support customer managed keys. Resources provisioned by Amazon SageMaker Unified Studio can be encrypted with your customer managed key. +