AWS Security ChangesHomeSearch

AWS sagemaker-unified-studio documentation change

Service: sagemaker-unified-studio · 2025-11-22 · Documentation low

File: sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md

Summary

Separated EMR and KMS permissions documentation. Added explicit KMS requirements for customer-managed keys.

Security assessment

Restructures documentation to emphasize encryption capabilities (security feature) but lacks evidence of patching a specific security weakness.

Diff

diff --git a/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md b/sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md
index d7e5fb9b8..24790aeb4 100644
--- a//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md
+++ b//sagemaker-unified-studio/latest/adminguide/security-iam-awsmanpol-SageMakerStudioProjectUserRolePolicy.md
@@ -31 +31 @@ You can't create new projects with AWS CodeCommit. Existing projects that were c
-  * Amazon EMR permissions are required for users to create and access Amazon EMR clusters. AWS KMS permissions are required to use CMK in the various services integrated with Amazon SageMaker Unified Studio.
+  * Amazon EMR permissions are required for users to create and access Amazon EMR clusters.
@@ -38,0 +39,2 @@ You can't create new projects with AWS CodeCommit. Existing projects that were c
+  * AWS KMS permissions are required to support customer managed keys. Resources provisioned by Amazon SageMaker Unified Studio can be encrypted with your customer managed key.
+