AWS sagemaker documentation change
Summary
Removed the sagemaker:DescribeAlgorithm permission requirement from the execution role permissions section for algorithm resources
Security assessment
This change removes a specific IAM permission requirement but doesn't reference any security issue or vulnerability. It's likely a documentation update reflecting changes in permission requirements without security implications.
Diff
diff --git a/sagemaker/latest/dg/sagemaker-roles.md b/sagemaker/latest/dg/sagemaker-roles.md index 2f0112901..0dfc83775 100644 --- a//sagemaker/latest/dg/sagemaker-roles.md +++ b//sagemaker/latest/dg/sagemaker-roles.md @@ -1280,11 +1279,0 @@ If `CreateTrainingJob.AlgorithSpecifications.TrainingImage` needs to access othe -If you specify an algorithm resource by using the `AlgorithmSpecification.AlgorithmArn` parameter, the execution role must also have the following permission: - - - { - "Effect": "Allow", - "Action": [ - "sagemaker:DescribeAlgorithm" - ], - "Resource": "arn:aws:sagemaker:*:*:algorithm/*" - } -