AWS sagemaker-unified-studio documentation change
Summary
Added 'datazone:QueryGraph' permission requirement and rephrased note about managed policy inclusion
Security assessment
Clarifies required permissions for accessing data lineage features but doesn't address a specific vulnerability. Enhances documentation about existing security controls.
Diff
diff --git a/sagemaker-unified-studio/latest/userguide/datazone-data-lineage-permissions.md b/sagemaker-unified-studio/latest/userguide/datazone-data-lineage-permissions.md index 9402abd26..fa13b4898 100644 --- a//sagemaker-unified-studio/latest/userguide/datazone-data-lineage-permissions.md +++ b//sagemaker-unified-studio/latest/userguide/datazone-data-lineage-permissions.md @@ -16,0 +17 @@ Permissions on following actions are needed to view lineage graph: + * `datazone:QueryGraph` @@ -20 +21,2 @@ Permissions on following actions are needed to view lineage graph: -Both these are included in the `AmazonSageMakerDomainExecution` managed policy and therefore every user in an Amazon SageMaker Unified Studio domain can invoke these to view the data lineage graph in Amazon SageMaker Unified Studio. + +Above permissions are included in the `AmazonSageMakerDomainExecution` managed policy and therefore every user in an Amazon SageMaker Unified Studio domain can invoke these to view the data lineage graph in Amazon SageMaker Unified Studio.